I sent this out Saturday from home, but it doesn't
look like it went out...


-------- Original Message --------
Message-ID: <[EMAIL PROTECTED]>
Date: Sat, 19 Nov 2005 17:52:18 -0600
From: Paul Root <[EMAIL PROTECTED]>
User-Agent: Thunderbird 1.5 (Macintosh/20051025)
MIME-Version: 1.0
To: freebsd-stable <freebsd-stable@freebsd.org>
Subject: tunnels through a NAT device
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

I'm trying to set up an encrypted tunnel
between 2 FreeBSD machines. Yesterday, I
did get the tunnel up between two machines
on the same network, and got it encrypted.
Pretty easy following the handbook.

Now, I have a machine at home behind a
DSL modem (Actiontec) that NATs everything.
I've made the machine the DMZ host for
the Actiontec, which basically passes all
ports not otherwise directed to the machine.

The machines are both Sparcs. I'm using
aliases for routing.

Internet machine:

hme0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=b<RXCSUM,TXCSUM,VLAN_MTU>
        inet A.B.C.D netmask 0xffffffe0 broadcast A.B.C.Z
        inet6 fe80::a00:20ff:fec0:3fe1%hme0 prefixlen 64 scopeid 0x1
        inet 192.168.99.1 netmask 0xffffffff broadcast 192.168.99.1
        ether 08:00:20:c0:3f:e1
        media: Ethernet autoselect (10baseT/UTP)
        status: active

gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        tunnel inet A.B.C.D --> E.F.G.H
        inet6 fe80::a00:20ff:fec0:3fe1%gif0 prefixlen 64 scopeid 0x3
        inet 192.168.99.1 --> 192.168.90.250 netmask 0xffffffff



home NATed machine:
hme0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=b<RXCSUM,TXCSUM,VLAN_MTU>
        inet6 fe80::a00:20ff:fec0:5061%hme0 prefixlen 64 scopeid 0x1
        inet 192.168.0.250 netmask 0xffffff00 broadcast 192.168.0.255
        inet 192.168.90.250 netmask 0xffffffff broadcast 192.168.90.250
        ether 08:00:20:c0:50:61
        media: Ethernet autoselect (100baseTX)
        status: active

gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        tunnel inet E.F.G.H --> A.B.C.D
        inet6 fe80::a00:20ff:fec0:5061%gif0 prefixlen 64 scopeid 0x3
        inet 192.168.90.250 --> 192.168.99.1 netmask 0xffffffff




Now this works, exactly like this, on two machines that are not
NATed.

E.F.G.H is the address of the DSL modem on the outside. I've tried
setting the home machine's gif0 interface to both E.F.G.H and
192.168.0.250 going to A.B.C.D. Obviously, the internet machine has
to point to E.F.G.H.

Should I set the alias of hme0 on the home machine to E.F.G.H?

Is there a way to do this?





--
   ______       Paul T. Root
  /    _ \      1977 MGB
 /  /||  \\
||\/ ||  _ |
||   ||   ||
 \   ||__//
  \______/

_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
