Date:      Fri, 1 Oct 2004 07:11:24 +0000
From:      "Mikhail P." <miha@ghuug.org>
To:        Juhani Tali <juhani@kernel.ee>
Cc:        freebsd-net@freebsd.org
Subject:   Re: confusion with natd
Message-ID:  <200410010711.24829.miha@ghuug.org>
In-Reply-To: <415CFE85.8040005@kernel.ee>
References:  <200410010543.42789.miha@ghuug.org> <415CFE85.8040005@kernel.ee>

On Friday 01 October 2004 06:51, Juhani Tali wrote:
> I would set it up like so:
>
> This one in host B
>
> > natd -interface rl1
>
> And this in host A
>
> > natd -port 8568 -interface tun0
>
> You need to translate all the 192.168.0.x to tunnel's address and you
> cannot do it in host B, because it has no direct connection to 192.168.0.x.

Did not quite understand what you meant here. I can translate 192.168.0.0/24 
into tunnel, but as my original message states, only packets to HOST_A fall 
into that route, any other packets (even ipfw has "ip from 192.168.0.3 to 
any") travel out regular way (not via tun0). That's the most confusing part 
("any" != "any"), and I'm stuck there.
HOST_B (which is seen as "192.168.0.1" to LAN) has direct connection to 
192.168.0.x, and basically it acts as a gateway for 192.168.0.x, so I dance 
from there.

> Another solution is with routing, so host B has direct access to the
> 192.168.0.x network.

Tried that already as -
on HOST_A (remote host) -
route add 192.168.0.0/24 192.168.10.2
After that, I can ping 192.168.0.x directly (no NAT) from remote VPN host and 
backwards. This, however, does not change anything apart from giving me 
direct access to "HOST_A <<-->> 192.168.0.0/24".

>
> > I have been pulling hair off my poor head for a few hours on this issue,
> > but did not come to a solution, so I'm looking for advice.
>


> Juhani Tali

regards,
M.


