The VPN is between a fictif ip address(gives by the_green_bow) to 10.100.1.0/24
Using VPN, i can ping 10.100.1.250 and use also ssh on the box but pings doesn't work for : 10.100.1.100, and 10.100.1.254. On the OpenBSD SIDE : ipsec.conf ike dynamic from 10.100.1.0/24 to any \ main auth hmac-sha1 enc aes-256 group modp1024 \ quick auth hmac-sha1 enc aes-256 psk demokey On Wed, 28 Sep 2011 15:05:52 +0400, pavel pocheptsov <lilit-aibo...@mail.ru> wrote: > what settings on client/home side? > B ipconfig /all, route print..etc > > > 28 QP5P=QQP1QQ 2011, 11:18 P>Q "Wesley M." <open...@e-solutions.re>: > > > > > Hi, > > I have at work: > TS Server : 10.100.1.100 his gateway is 10.100.1.254 (router for private > network) > Firewall : 10.100.1.250 (OpenBSD 4.9, ADSL : sis0, Lan (10.100.1.0/24) > :sis2 > > On the firewall, i can ping 10.100.1.100 and telnet 10.100.1.100 3389 -> > OK > > When i am at home, i connect to firewall using "thegreenbow" vpn is ok, i > can ping 10.100.1.250, use ssh on the firewall, but i can't ping > 10.100.1.100 and can't use rdp on this address. > > my pf rules: > ... > set skip on {lo,enc0} > pass out on sis2 inet proto tcp from $remote to 10.100.1.100 port 3389 > pass out inet proto icmp all icmp-type echoreq > ... > > Any idea ? > thank you very much. > Wesley