I have a sun box acting as a FW/NAT/Router.

It has 4 interfaces

le0 -> internet (and default gw)
le1 -> wifi (192.168.1.XXX)
le2 -> voip segment (10.1.1.X)
le3 -> dev seg (10.2.2.X)
tun0 -> vpn (using openvpn) to remote box in colo (10.0.0.X)


The VPN is running fine, I can ping the remote box, etc. I've added the following route:

route add -host 64.34.197.144 10.0.0.1

The sole purpose of this VPN is to route traffic destined for that IP out the VPN and out of the other side.

Going from my fw box this works like a champ.

Going from behind it, traffic hits the FW and stops.

My question is, do I need specific ipfilter rules for this, or is adding the route enough?

The only rule I have related to this setup is

pass out quick on tun0 keep state

along with pass in/pass out statements for le1 (the main lan interface)

And a:

block in on tun0 all

I'm only assuming it's IPF, but I am flailing in the dark :)
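An added example (not from the original post) of what a forwarded LAN-to-VPN path looks like in IPFilter terms, assuming the rule files are ipf.conf and ipnat.conf and that IP forwarding is already enabled on the box. It shows the two filter points a packet from le1 crosses (in on le1, out on tun0) plus a NAT rule on tun0, because the remote colo box otherwise has no return route for 192.168.1.0/24 and its replies never come back through the tunnel:

```conf
# ipf.conf -- interface names and addresses are the ones from the post
# 1. packet from the wifi LAN enters the box on le1
pass in  quick on le1  proto tcp/udp from 192.168.1.0/24 to 64.34.197.144 keep state
pass in  quick on le1  proto icmp    from 192.168.1.0/24 to 64.34.197.144 keep state
# 2. the same packet is forwarded and leaves on tun0 (route add -host ... 10.0.0.1)
pass out quick on tun0 proto tcp/udp from 192.168.1.0/24 to 64.34.197.144 keep state
pass out quick on tun0 proto icmp    from 192.168.1.0/24 to 64.34.197.144 keep state
# 3. only replies matching the state table come back in on tun0
block in on tun0 all

# ipnat.conf -- rewrite the LAN source to the tun0 address (0/32 = interface address)
# so the colo side sees 10.0.0.x and can answer without a route to 192.168.1.0/24
map tun0 192.168.1.0/24 -> 0/32
```

Check the live state and NAT tables with `ipfstat -s` and `ipnat -l` while a LAN host is sending; if no state entry appears for le1 the packet is being dropped before forwarding, and if no NAT mapping appears the remote side is receiving an unroutable 192.168.1.x source.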
