Question on roaming VPNs using mpd, NAT, and FreeBSD6

Tom Norris tom at trancegeek.net
Wed Jan 10 01:30:56 UTC 2007


Hello everyone,

(sorry if this double-posts, I sent from my unsubscribed work-email account
the first time around...)

	I have a machine running FreeBSD6 happily humming along in a
(remote) datacenter.  I managed to get mpd running thanks to this (
http://web.archive.org/web/20050507010741/http://freebsdaddicts.org/forum/viewtopic.php?id=253
) guide, and now I'm trying to set up NAT/DHCP on the
server.  I am doing this because I am trying to encrypt my network traffic
over my school's network, because my tinfoil hat has been a lot thicker
lately ;)

The best visualization I can make of what I am trying to achieve is this:
   Windows2003 Laptop (school) ==> tunnel over internet ==> FreeBSD (datacenter) ==> whatever-part-of-the-internet-my-laptop-asked-for

	I can manage to make my laptop connect to my FreeBSD machine, but I
can't contact any sites other than that FreeBSD Machine.  Meaning, on my
laptop, if I type:
C:\Documents and Settings\Tom>ping google.com

Pinging google.com [72.14.207.99] with 32 bytes of data:

Control-C
^C

I get nothing, but if I do:

C:\Documents and Settings\Tom>ping a.b.c.190

Pinging a.b.c.190 with 32 bytes of data:

Reply from a.b.c.190: bytes=32 time=101ms TTL=49
Reply from a.b.c.190: bytes=32 time=76ms TTL=49

Ping statistics for a.b.c.190:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 76ms, Maximum = 101ms, Average = 88ms
Control-C
^C

I get a reply. (63.246.146.190 being the FBSD Machine)

Is enabling internet access for the laptop just a case of adding
gateway_enable="YES" and natd_enable="YES" in /etc/rc.conf then adding
"/usr/sbin/dhcpd (network-alias) -q" to my startup scripts on the FreeBSD
machine?  If this is true, will natd work with only one network card with
multiple IP addresses aliased to it (for example: vr0_alias0=a.b.c.190,
vr0_alias1=a.b.c.191, vr0_alias2=a.b.c.192 ... vr0_alias9=a.b.c.199)?  Also,
is it possible to assign the laptop one of the external IPs, so if user foo
connects to a.b.c.194 (for the sake of argument), traffic gets forwarded to
the laptop?

Thank You for Your Time,
Tom Norris




More information about the freebsd-questions mailing list