Date: Wed, 13 Nov 2019 18:19:47 -0500 From: Phil Staub <phil@staub.us> To: =?UTF-8?Q?Morgan_Wesstr=C3=B6m?= <freebsd-database@pp.dyndns.biz> Cc: freebsd-pf@freebsd.org Subject: Re: NAT for use with OpenVPN Message-ID: <CAMnCm8hgEsbAoO9Wzjzi=V0_fjCciyTxs7w__rPkgSyexqNpcw@mail.gmail.com> In-Reply-To: <bd92ea85-0441-46f9-b162-511846d87e57@pp.dyndns.biz> References: <mailman.6.1573387200.62111.freebsd-pf@freebsd.org> <CAMnCm8jZQi-UKm_-hF8WS0cofq0OWWP_d5No1AbOP8_KgQE5ZA@mail.gmail.com> <baa548e5-7dc3-05cf-0275-902d0193fc21@pp.dyndns.biz> <CAMnCm8iZ4iLJYOUFFpoTpF_=9xpG2=MN77xi%2BtGaSqumHeeqkQ@mail.gmail.com> <8ba7182d-8c4e-e10e-467b-6cf447490151@pp.dyndns.biz> <CAMnCm8gA_V1trdZtpidms54cmf4TL=R2BZ2MP52fJKrjndxtzA@mail.gmail.com> <fa9054ac-b22f-b873-0749-742b73100dba@pp.dyndns.biz> <CAMnCm8gN9aYgsJQYCuppGQ1M-YPwe1y7kaQCeEcDChrogsXj0w@mail.gmail.com> <b574e8e2-a921-99b8-2d2f-b3dc70341ce3@pp.dyndns.biz> <CAMnCm8gS40S27uOHYiKPp5E2hZhg=FknxTKxSsuH6vgOBD5Z9g@mail.gmail.com> <ef17181f-61b3-c2eb-9ebb-49e437ceea76@pp.dyndns.biz> <CAMnCm8hpTmww-pV%2BFbOcMJwk%2Bz1_bSs%2BcVJg5eu5zm84K8RPSA@mail.gmail.com> <cf52cc1b-c979-155c-604b-8918ac5fc2d6@pp.dyndns.biz> <CAMnCm8i46JOW-bGOutRyxUtJspeSkz4ZjfAQ=XGe_KtbeF387w@mail.gmail.com> <5fce41df-37fb-fc8c-be80-f47dfd0d04ad@pp.dyndns.biz> <CAMnCm8g8OHZdZnuC3qokQ643atK1VQ9DK4qKV_a2GN2Vw=ts=w@mail.gmail.com> <bd92ea85-0441-46f9-b162-511846d87e57@pp.dyndns.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 13, 2019 at 5:37 PM Morgan Wesstr=C3=B6m < freebsd-database@pp.dyndns.biz> wrote: > > See my follow up message. It's the SNAT directive. The tutorial I was > > looking at was > > > > https://www.karlrupp.net/en/computer/nat_tutorial > > Well, I'm too inexperienced with iptables to give you and advice here > unfortunately. > > > Definitely. I assume the way to test that would be to attempt to access > > my router from the outside the same way I would when I log in from the > > inside. > > Yes, connect your phone with mobile data only (no WiFi) and no VPN and > you can try to browse to the admin interface on your external ip. For a > It never connects. The connection times out. more thorough test you could install Termux which will give you a Linux > terminal in your phone. It comes with a built-in package manager so you > can install your favourite Linux tools. You can use it to install nmap > which is the defacto port scanning tool to use. The man page will give > you some examples of the syntax and it will scan for open ports. It > should only find your 1194 port used by OpenVPN. > I have been using a different terminal emulator, but I like Termux. I couldn't figure out how to do ctrl characters with the one I was using. nmap reports only one port open: 1720! I don't know what that's all about, but another port scanner I have been using didn't find that that port is open. Anyway, I'm going to be taking my laptop outside my home WiFi this evening and I'll see if I can get in to my local network with the OpenVPN client. Phil > > /Morgan > _______________________________________________ > freebsd-pf@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAMnCm8hgEsbAoO9Wzjzi=V0_fjCciyTxs7w__rPkgSyexqNpcw>