From: "Eugene M. Zheganin"
Date: Tue, 31 Jul 2012 12:51:22 +0600
To: freebsd-net@freebsd.org
Subject: Re: Uanble to use mpd5 as a gateway VPN, FreeBSD

Hi.

On 30.07.2012 20:14, Bernard Higonnet wrote:
> Hello,
>
> Hope this is the right place to mail...
>
> I have two networks A and B.
>
> One machine on A runs an MPD5 server.
>
> On network B I have machine X which has an MPD5 client used to
> establish a connection to the VPN server on machine Z in network A. Seems
> to work fine (ping, ssh, etc.). This machine is also set up as a
> gateway. When I look at the routing table, it looks OK, all references
> to A being sent to Z.
>
> On network B I also have machine Y. On this machine I have added a
> route which specifies that network A is to be accessed via machine X.
>
> It would appear (sic) that requests from Y to a machine on A are
> received by that machine. However, nothing ever comes back.
>
> All these machines are running FreeBSD, 8 on Z, and 9.0 on X and Y.
>
> I'm hoping I have forgotten some very obvious thing which a kind soul
> will point out to me so I don't have to tcpdump everything all over
> the place...
>

So.... Z is an mpd, X is a client, Y is a machine behind a client. X sees Z, Y doesn't see Z because Z isn't answering; however, Z sees incoming packets.

My guess - Z doesn't know where the B network is, as when X is exchanging packets with Z, it does it by using its p2p-address. Try to see the output of 'route -n get ' on Z. If I'm right - add a route, via bundle matching or via up-script, or manually, or use NAT on X.

Eugene.
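
The return-path problem guessed at in the reply above, modelled as a longest-prefix-match lookup on Z's routing table. This is an added example, not part of the original message; all addresses, prefixes and interface names (em0, ng0) are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress

def net(cidr):
    return ipaddress.ip_network(cidr)

# Constructed addressing (assumption, none of it comes from the thread):
#   network A = 10.1.0.0/24, network B = 10.2.0.0/24, Y = 10.2.0.20
#   tunnel point-to-point addresses: Z = 172.16.0.1, X = 172.16.0.2
NET_B = net("10.2.0.0/24")
Y_ADDR = "10.2.0.20"
X_P2P = "172.16.0.2"
TUNNEL = "ng0 (tunnel to X)"
DEFAULT = "em0 (default gateway)"

# Z's table as the reply suspects it looks: a host route to X's p2p
# address created by the PPP link, but nothing covering network B.
Z_ROUTES = [
    (net("0.0.0.0/0"), DEFAULT),
    (net("10.1.0.0/24"), "em0 (network A, direct)"),
    (net("172.16.0.2/32"), TUNNEL),
]

def lookup(table, dst):
    """Longest-prefix match: next hop of the most specific covering route."""
    addr = ipaddress.ip_address(dst)
    matches = [(n, hop) for n, hop in table if addr in n]
    if not matches:
        return None  # no route at all: the reply is dropped
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_path(table, src_seen_by_z):
    """Where Z sends its answer to a packet that arrived with this source."""
    return lookup(table, src_seen_by_z)

def with_route_to_b(table):
    """Fix 1: give Z a route for network B pointing into the tunnel."""
    return table + [(NET_B, TUNNEL)]

def nat_on_x(src):
    """Fix 2: X rewrites sources from network B to its own p2p address."""
    return X_P2P if ipaddress.ip_address(src) in NET_B else src

if __name__ == "__main__":
    print("X pings Z, reply via:     ", reply_path(Z_ROUTES, X_P2P))
    print("Y pings Z, reply via:     ", reply_path(Z_ROUTES, Y_ADDR))
    print("after route to B on Z:    ", reply_path(with_route_to_b(Z_ROUTES), Y_ADDR))
    print("with NAT on X instead:    ", reply_path(Z_ROUTES, nat_on_x(Y_ADDR)))
```

In this model the request from Y reaches Z through the tunnel, but the answer leaves through Z's default gateway, which matches the "received, but nothing ever comes back" symptom.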