VPN IPSEC WIRELESS

From: ddg (ddg_at_yan.com.br)
Date: 05/23/03

    To: freebsd-config@freebsd.org, freebsd-security@freebsd.org, freebsd-hackers@freebsd.org, freebsd-net@freebsd.org
    Date: Thu, 22 May 2003 20:58:30 --300
    
    

    I am having problems with the implementation of a VPN; below I made a diagram of my network:

      INTRANET
    (10.0.0.0/24)
          |
      10.0.0.5
         xl0
    NetBSD IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 )
         wi0
    192.168.213.10/30
          |
          |
       Wireless
         VPN
          |
          |
    192.168.213.9/30
         xl2
    FreeBSD NATD ( divert natd all from any to any )
         xl0
    200.x.x.5/24
          |
    200.x.x.1/24
       Router
          |
          |
      INTERNET

    NetBSD Node ( ipsec.conf ):
    spdadd 192.168.213.10 0.0.0.0/0 any -P out ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;
    spdadd 0.0.0.0/0 192.168.213.10 any -P in ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;

    FreeBSD Node ( ipsec.conf ):
    spdadd 0.0.0.0/0 192.168.213.10 any -P out ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;
    spdadd 192.168.213.10 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;

    The connection between the NetBSD and the FreeBSD works correctly.
    The problem is when I make a connection from the computer with IP 10.0.0.1 to an IP on the Internet.
    I do not know how to write a rule for ipsec.conf that makes the connections from 10.0.0.0/24 go through the tunnel.

    Does anybody know the solution?

    []s Daniel Dias Gonçalves
    f22@netbsd.com.br
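
As an added example (not part of the original post, and not FreeBSD or NetBSD code): a simplified first-match selector check over the four spdadd lines quoted above, showing which source addresses those policies select. The destination 198.51.100.7 is a constructed documentation address, and whether the kernel sees 10.0.0.1 or the NAT-translated 192.168.213.10 at policy lookup depends on the order of NAT and IPsec processing, which the post does not state.

```python
import ipaddress
import re

# The four spdadd lines quoted from the post, keyed by node.
POLICIES = {
    "NetBSD": """
spdadd 192.168.213.10 0.0.0.0/0 any -P out ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;
spdadd 0.0.0.0/0 192.168.213.10 any -P in ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;
""",
    "FreeBSD": """
spdadd 0.0.0.0/0 192.168.213.10 any -P out ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;
spdadd 192.168.213.10 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;
""",
}

SPD_RE = re.compile(
    r"spdadd\s+(\S+)\s+(\S+)\s+\S+\s+-P\s+(in|out)\s+ipsec\s+"
    r"(?:esp|ah)/(?:tunnel|transport)/([\d.]+)-([\d.]+)/(\w+)\s*;"
)

def parse_spd(text):
    """Parse setkey-style spdadd lines into selector/tunnel dicts."""
    entries = []
    for src, dst, direction, tun_src, tun_dst, level in SPD_RE.findall(text):
        entries.append({
            "src": ipaddress.ip_network(src),  # a bare address becomes a /32
            "dst": ipaddress.ip_network(dst),
            "dir": direction,
            "tunnel": (tun_src, tun_dst),
            "level": level,
        })
    return entries

def lookup(entries, direction, src, dst):
    """Simplified lookup: first policy whose selector covers the packet, else None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for e in entries:
        if e["dir"] == direction and s in e["src"] and d in e["dst"]:
            return e
    return None

if __name__ == "__main__":
    dest = "198.51.100.7"  # constructed Internet destination
    netbsd = parse_spd(POLICIES["NetBSD"])
    for src in ("10.0.0.1", "192.168.213.10"):  # before and after the ipnat map
        hit = lookup(netbsd, "out", src, dest)
        print(src, "->", hit["tunnel"] if hit else "no policy selects this packet")
```

A packet that still carries an intranet source address falls outside every selector on both nodes; only traffic sourced from 192.168.213.10 is selected for the tunnel.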
