Date:      Mon, 2 Jun 2008 09:41:53 -0700
From:      "Kurt Buff" <kurt.buff@gmail.com>
To:        alexus <alexus@gmail.com>
Cc:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   Re: VPN (IPSEC)
Message-ID:  <a9f4a3860806020941u37f9abd3lf3e9d84359b8c1ad@mail.gmail.com>
In-Reply-To: <6ae50c2d0806020913v2c7665b8nc3673e30cb8627cc@mail.gmail.com>
References:  <6ae50c2d0805311649p14863af3y43af39fb4aa2cc8a@mail.gmail.com> <6ae50c2d0806020913v2c7665b8nc3673e30cb8627cc@mail.gmail.com>

On Mon, Jun 2, 2008 at 9:13 AM, alexus <alexus@gmail.com> wrote:
> anyone?
>
>
> On Sat, May 31, 2008 at 7:49 PM, alexus <alexus@gmail.com> wrote:
>> Hello,
>>
>> I'm trying to establish a VPN tunnel over the internet. I read
>> http://www.freebsd.org/doc/en/books/handbook/ipsec.html on how to set
>> it up, and I'm somewhat struggling with whether my setup will work at all.
>>
>> I have box #1 that has 1 primary IP, which is a private IP, but in front
>> of my box I have a device that translates a public IP address into a
>> private IP, so "technically" it's a public IP, not a private one, yet the
>> system sees it as private. My box #2 has an interface with a real public IP
>> and another interface with a private IP. I created a GIF0 interface, yet I
>> can't ping the private range on the other box.
>>
>>
>> box#1
>>
>> fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>        options=8<VLAN_MTU>
>>        ether 00:0f:fe:aa:f4:61
>>        inet 192.168.1.251 netmask 0xffffff00 broadcast 192.168.1.255
>>        inet 172.16.172.16 netmask 0xffffffff broadcast 172.16.172.16
>>        media: Ethernet autoselect (100baseTX <full-duplex>)
>>        status: active
>> plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
>> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>>        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
>>        inet6 ::1 prefixlen 128
>>        inet 127.0.0.1 netmask 0xff000000
>> gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
>>        tunnel inet 38.96.123.42 --> 74.2.252.194
>>        inet 192.168.1.251 --> 192.168.2.252 netmask 0xffffffff
>> alexus@jot ~ 503$ netstat -rn | grep gif0
>> 192.168.2.252      192.168.1.251      UH          0       15   gif0
>> alexus@jot ~ 504$
>>
>> box#2
>>
>> su-3.2# ifconfig
>> dc0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>        options=8<VLAN_MTU>
>>        ether 00:1a:70:10:e3:89
>>        inet 74.2.252.194 netmask 0xfffffff8 broadcast 74.2.252.199
>>        media: Ethernet autoselect (100baseTX)
>>        status: active
>> fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>        options=8<VLAN_MTU>
>>        ether 00:13:20:09:53:31
>>        inet 192.168.2.252 netmask 0xffffff00 broadcast 192.168.2.255
>>        media: Ethernet autoselect (100baseTX <full-duplex>)
>>        status: active
>> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>>        inet 127.0.0.1 netmask 0xff000000
>> gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
>>        tunnel inet 74.2.252.194 --> 38.96.132.42
>>        inet 192.168.2.252 --> 192.168.1.251 netmask 0xffffffff
>> su-3.2# netstat -rn | grep gif0
>> 192.168.1.251      192.168.2.252      UH          0      602   gif0
>> su-3.2#
>>
>>
>> any suggestions are welcome, thanks!
>> --
>> http://alexus.org/

google for "ipsec nat traversal freebsd"


