Date:      Tue, 04 Jan 2005 14:09:13 +0000
From:      "Mattias Nyström" <mattiasnys@hotmail.com>
To:        freebsd-questions@freebsd.org
Subject:   setting up vpn
Message-ID:  <BAY22-F2320E02498156FCFF3A9F9DC910@phx.gbl>


   hi

   i have set up a gateway (freebsd 4.10) that has a network behind using
   natd. on this internal network i have a fileserver that i need to be
   able to reach from outside.

   this is how it looks:

   my xp computer
    |
    |
   (INTERNET)
    |
    |

   (external ip 1.2.3.4)

   GATEWAY (using ipfw. ipfw set to open at the moment)

   (internal ip 10.10.1.1)

    *
    *
    *

   (internal ip 10.10.1.34)
   fileserver

   the connection must be secure. tried to config that i could ssh
   to 1.2.3.4 on port 7711 and then the gateway would just bounce me
   to the fileserver. for that i used

   redirect_port tcp 10.10.1.34:7711 1.2.3.4:7711
   redirect_port udp 10.10.1.34:7711 1.2.3.4:7711

   in natd.conf.

   (the ssh port on the fileserver is set to 7711)

   this doesn't work at all.  i can ssh to the gateway from outside and
   then ssh to the fileserver. but i need to find a better way. (easier
   way to reach files on the fileserver since the people using the
   network don't know anything about ssh)

   i want to use vpn but i can't find a good site explaining how to set
   it up.

   been sitting with this problem for a while and don't know what to do.

   please help me with this because it's driving me crazy!

   thanks for all help

   my files

   natd.conf

   interface xl1   #external interface
   unregistered_only
   use_sockets yes
   dynamic yes
   same_ports yes
   redirect_port tcp 10.10.1.34:7711 1.2.3.4:7711
   redirect_port udp 10.10.1.34:7711 1.2.3.4:7711


   rc.conf

   #--------- Internet Settings -------

   gateway_enable="YES"
   hostname="mimmi"
   #ifconfig_xl1="DHCP"
   ifconfig_xl1="inet 1.2.3.4 netmask 255.255.255.45"
   defaultrouter="1.2.3.1"

   #---------- DO NOT CHANGE ANYTHING BELOW THIS LINE!!!! ---------

   #--------- Intranet Settings ------

   natd_enable="YES"
   natd_interface="xl1"

   #natd_flags="-s -u -m"
   natd_flags="-f /etc/natd.conf"
   ifconfig_xl0="inet 10.10.1.1 netmask 255.255.255.0"

   #-------- Firewall Settings --------
   #IPFW ver 4
   firewall_enable="YES"
   firewall_logging_enable="YES"
   firewall_quiet="NO"
   firewall_type="open"                            #open= disable firewall, close=no internet connection!
   #firewall_script="/etc/rc.firewall"       #our firewall settings

   #--------- Securing Settings---------

   tcp_drop_synfin="YES"
   tcp_keepalive="YES"
   icmp_bmcastecho="NO"
   icmp_bandlim="YES"
   icmp_drop_redirect="YES"
   icmp_log_redirect="YES"
   kern_securelevel_enable="YES"

   tcp_drop_synfin="NO"
   tcp_keepalive="NO"
   icmp_bmcastecho="YES"
   icmp_bandlim="NO"
   icmp_drop_redirect="NO"
   icmp_log_redirect="NO"
   kern_securelevel_enable="NO"

   #--------- NFS file Settings ---------
   nfs_server_enable="NO"
   nfs_client_enable="NO"
   nfs_reserved_port_only="NO"
   portmap_enable="NO"

   #-------- Syslog Settings ----------

   syslogd_enable="YES"
   syslogd_flags="-ss"

   #-------- Own Settings ---------

   sendmail_enable="NONE"
   sshd_enable="YES"
   usbd_enable="YES"
   clear_tmp_enable="YES"
   update_motd="NO"
   keymap="swedish.cp850"
   linux_enable="YES"
   inetd_enable="NO"
   #ipv6_enable="NO"
   #--------- end of file -------
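The rc.conf quoted above assigns every variable in its "Securing Settings" group twice. rc.conf is read as shell variable assignments, so the later value is the one that takes effect. The following check is an added example, not part of the original message: `find_overrides` is a hypothetical helper, and the sample text is constructed from the assignments shown in the message.

```python
import re

# Constructed sample: assignments taken from the rc.conf quoted in the message.
SAMPLE_RC_CONF = """\
tcp_drop_synfin="YES"
tcp_keepalive="YES"
icmp_bmcastecho="NO"
icmp_bandlim="YES"
icmp_drop_redirect="YES"
icmp_log_redirect="YES"
kern_securelevel_enable="YES"
#firewall_script="/etc/rc.firewall"
tcp_drop_synfin="NO"
tcp_keepalive="NO"
icmp_bmcastecho="YES"
icmp_bandlim="NO"
icmp_drop_redirect="NO"
icmp_log_redirect="NO"
kern_securelevel_enable="NO"
sshd_enable="YES"
"""

# NAME="value", NAME='value' or NAME=value; commented-out lines never match.
ASSIGN = re.compile(r"""^\s*([A-Za-z_]\w*)=(?:"([^"]*)"|'([^']*)'|([^\s#]*))""")

def find_overrides(text):
    """Map name -> (effective_value, [(line, shadowed_value), ...])."""
    history = {}
    for number, line in enumerate(text.splitlines(), start=1):
        match = ASSIGN.match(line)
        if match:
            value = next((g for g in match.groups()[1:] if g is not None), "")
            history.setdefault(match.group(1), []).append((number, value))
    overrides = {}
    for name, entries in history.items():
        effective = entries[-1][1]  # the last assignment wins when the file is sourced
        shadowed = [(n, v) for n, v in entries[:-1] if v != effective]
        if shadowed:
            overrides[name] = (effective, shadowed)
    return overrides

if __name__ == "__main__":
    for name, (effective, shadowed) in find_overrides(SAMPLE_RC_CONF).items():
        for number, value in shadowed:
            print(f'{name}: line {number} sets "{value}" but "{effective}" takes effect')
```

Run against the sample, it reports all seven variables of the first group as shadowed by the second group.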