nat lan to tun (nat before vpn)
Zeus Panchenko
zeus at ibs.dn.ua
Mon Jul 21 08:44:04 UTC 2014
hi,

I just stumbled on the subject ... please, may somebody advise what I am
missing?

I have:

FreeBSD 10.0-STABLE #0 r261303

BoxA:
    LAN: 192.168.0.1/24
    TUN (OpenVPN): 172.16.10.1
    with route to 172.16/12 set via tun

BoxB:
    LAN: 192.168.0.2/24
    with route to 172.16/12 set via boxA lan

I need:
    to give access to 172.16/12 for boxB via nat on boxA

in boxA pf.conf:

    nat on tun1 from 192.168.0.2 to 172.16/12 -> 172.16.10.1
    pass in log on tun1
    pass in log (all) on $if_lan inet proto { tcp udp } from 192.168.0.2

when I spawn traffic to 172.16/12 from boxB I can see packets on lan
boxA but nothing is on boxA tun ...

so, can I do it this way or do I need something else? is it the
nat-before-vpn case which is not implemented in FreeBSD pf yet (at least
it was so)?

--
Zeus V. Panchenko jid:zeus at im.ibs.dn.ua
IT Dpt., I.B.S. LLC GMT+2 (EET)