From: Roger Olofsson
Date: Sat, 24 Nov 2007 14:50:36 +0100
To: Jerahmy Pocott
Cc: FreeBSD Questions
Subject: Re: Difficulties establishing VPN tunnel with IPNAT

Hello Jerahmy,

Assuming you want to connect from the outside to your VPN. Have you made
sure that port 2401 is open for inbound traffic in your ipf.rules?

You might also want to do 'ipnat -C -f '.
Man ipnat ;^)

Greetings from Sweden
/Roger

Jerahmy Pocott wrote:
> Hello,
>
> I recently decided to give ipf and ipnat a try, previously I had always
> been using ipfw and natd. Since switching over I can no longer establish
> a VPN tunnel from any system behind the gateway.
>
> I did 'ipf -F a' to flush all rules but I was still unable to connect so
> I think it's a problem with ipnat? Also my redirect from ipnat doesn't
> seem to work either.
>
> These are the only ipnat rules I have:
>
> (fxp1 is the external interface)
>
> # ipnat built in ftp proxy rules
> map fxp1 10.0.0.0/24 -> 0/32 proxy port 21 ftp/tcp
> map fxp1 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp
>
> # CVS Server on Fileserv
> rdr fxp1 0/32 port 2401 -> 10.0.0.2 port 2401 tcp/udp
>
> # nat all outgoing traffic on fxp1 from internal lan
> map fxp1 10.0.0.0/24 -> 0/32
>
> I can post my firewall rules too if that would help, however with NO
> rules set it still didn't work so I don't think that would help.. (I'm
> using the klm which is default to accept?)
>
> Thanks!
> J.
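
Added example, not part of the original thread: a small cross-check of the kind Roger's question suggests, listing every ipnat `rdr` target that has no matching `pass in` rule in ipf.rules. IPFilter applies `rdr` before the inbound filter rules, so the filter rule must name the translated address (10.0.0.2), not the external one. Assumptions: a ruleset that blocks inbound traffic by default, the constructed ipf.rules lines below, and a simplified matcher that ignores rule order, `quick` semantics and CIDR destinations.

```python
import re

# Constructed inputs: the ipnat lines are the ones quoted in the thread; the
# ipf.rules lines are assumed for illustration, not taken from the thread.
IPNAT_RULES = """\
map fxp1 10.0.0.0/24 -> 0/32 proxy port 21 ftp/tcp
rdr fxp1 0/32 port 2401 -> 10.0.0.2 port 2401 tcp/udp
map fxp1 10.0.0.0/24 -> 0/32
"""
IPF_RULES = """\
pass out quick on fxp1 proto tcp from any to any flags S keep state
pass in quick on fxp1 proto tcp from any to 10.0.0.2 port = 2401 flags S keep state
block in on fxp1 all
"""

RDR = re.compile(r"^rdr\s+(\S+)\s+\S+\s+port\s+(\d+)\s+->\s+(\S+)\s+port\s+(\d+)\s+(\S+)")
PASS_IN = re.compile(r"^pass\s+in\s+(?:quick\s+)?on\s+(\S+)\s+proto\s+(\S+)"
                     r"\s+from\s+any\s+to\s+(\S+)\s+port\s*=\s*(\d+)")

def parse_redirects(text):
    """Yield (iface, proto, internal_ip, internal_port) for every rdr rule."""
    for line in text.splitlines():
        m = RDR.match(line.strip())
        if m:
            iface, _ext_port, ip, port, protos = m.groups()
            for proto in protos.split("/"):      # "tcp/udp" covers both protocols
                yield (iface, proto, ip, int(port))

def parse_pass_in(text):
    """Return the set of (iface, proto, dst, port) allowed by 'pass in' rules."""
    allowed = set()
    for line in text.splitlines():
        m = PASS_IN.match(line.strip())
        if m:
            iface, protos, dst, port = m.groups()
            for proto in protos.split("/"):
                allowed.add((iface, proto, dst, int(port)))
    return allowed

def uncovered_redirects(ipnat_text, ipf_text):
    """List redirects with no matching 'pass in' rule for the translated address."""
    allowed = parse_pass_in(ipf_text)
    return [r for r in parse_redirects(ipnat_text)
            if r not in allowed and (r[0], r[1], "any", r[3]) not in allowed]

if __name__ == "__main__":
    for iface, proto, ip, port in uncovered_redirects(IPNAT_RULES, IPF_RULES):
        print(f"no 'pass in' on {iface} for {proto} to {ip} port {port}")
```

With the sample ruleset the TCP half of the `tcp/udp` redirect is covered and the UDP half is reported.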