-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
hi,
please, may somebody help with the subj? is it possible at all on
FreeBSD with pf?
I need to binat some of my LAN (network A) ip addresses to some of
secure communication addresses (network B) for, behind IPSec network C,
access
target <-> world <--> em0 - freebsd - vlanA <--> LAN
^ ^ net A
| |
+- netC -.-.-.-.- IPSec -.-.-.-.- net B -+
when I land some B network address on freebsd box, than everything from
that address works but, when I try to bi/nat some network A address to some
network B address, it is not
in pf.conf I try this:
binat on vlanA from A1 to C3 -> B2
where:
A1 is some address from net A
B2 is some address from net B
C3 is some address from net C
I can see incoming packets from A1 to C3 on interface vlanA, but after
that, packets "disappears", I can not find them any other interface and
no return packets
as far as I know I need "nat before vpn" ... but I was not able to find
how to do that ... can I do that with pf on freebsd?
I run FreeBSD 9.2-PRERELEASE #6 r255856: amd64 with system pf
please, help me understand what am I missing ...
- --
Zeus V. Panchenko jid:z...@im.ibs.dn.ua
IT Dpt., I.B.S. LLC GMT+2 (EET)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)
iEYEARECAAYFAlK7H24ACgkQr3jpPg/3oypenQCeI6R+2lILmP0UxDT273T1S8nU
078AoJ3n1NRfU4L0pSrOKSDYovMpbIRF
=2FPq
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
