using ipfw for NAT mapping in a 1:1 fake:real IPs for VPN
James Bakner
lollergate at gmail.com
Mon Nov 13 20:13:51 UTC 2006
Hi,
I have a pretty complicated setup currently and am trying to figure out
exactly how to implement it. I'm pretty unfamiliar with freebsd, the
last incarnation I used was 4.3 and I only used it for a few months
before moving to linux.
I have a VPN setup for an IP range 10.0.0.1-10.0.0.255 for clients
connecting using OpenVPN.
Now I am handling NAT for these up to 5 IPs. I have 5 real IPs that
are allocated to the machine that the VPN server runs on (OpenVPN). I
need each client to have a real and unique IP, although not from the
client's viewpoint.
From my understanding, I would get OpenVPN to give out IPs
10.0.0.1-10.0.0.5.
I would then set up rather than a standard NAT for like 192.168.0.0/24
through A.B.C.D (single real IP)
I would now set up
nat 10.0.0.1 through A.B.C.D
nat 10.0.0.2 through A.B.C.E etc
Does this make sense and am I missing something? These would be going
through BSD's tun-type device.
Thanks,
-James
More information about the freebsd-questions
mailing list