FreeBSD 7 and FreeBSD 8 OpenVPN problem
sample at email.cz
sample at email.cz
Thu May 12 14:31:10 UTC 2011
Hi,
I have a problem with the different behavior of OpenVPN under FreeBSD 7 and FreeBSD 8. Problem is as follows. I have created an OpenVPN server and IPSEC tunnel. I have a client which is connecting via OpenVPN to LAN.
This is working properly (client is able to reach all computers inside LAN and their services) in both cases - FreeBSD 7 and 8. The problem occurs when I want to connect (e.g. PING) the LAN interface of FreeBSD - for example "em0" with IP 192.168.1.1.
On FreeBSD 7 (server) when I run tcpdump, I see packets coming from the OpenVPN network on the FreeBSD LAN interface ("em0" with IP 192.168.1.1) - everything works as should.
On FreeBSD 8 (server) - the ping from the client to LAN interface "em0" is working (I get reply from ip 192.168.1.1 (em0) on client PC), but when I run tcpdump on the LAN interface (192.168.1.1 - em0), I don't see any ICMP packets. (I wonder, what is answering me then?).
I found out the problem when I needed to configure NAT from OpenVPN to IPsec network. The NAT (PF) is working on FreeBSD 7.3! So the OpenVPN client is able to access the servers behind IPsec.
When I tried to do the same for FreeBSD 8.2 (8.1), It does not work! It's simple, because the packet does not reach the interface, NAT does not apply.
I've tried it on two machines with FreeBSD 7.3 and FreeBSD 8.1 and 8.2.
Did you meet that kind of problem?
More information about the freebsd-net
mailing list