Thanks for the tips, I was able to log the redirection rules and trace the problem. And there was none at all! PF was working perfectly. The packets were being redirected but I was getting no answer from the 2k3. So, I phoned the sys admin, chatted a little, and found out that he didn't set a gateway to the 2k3 server after a maintenance session. Heh... life is hard ain't it? :)

On 4/9/06, NetNeanderthal <[EMAIL PROTECTED]> wrote:
> On 4/9/06, Leonardo Rodrigues <[EMAIL PROTECTED]> wrote:
> > Hello everyone!
> >
> > I'm having a bit of trouble trying to access a Windows 2003 server
> > that is behind an OpenBSD 3.9 -current firewall.
> >
> > From the LAN, I can remote access the 2k3 server easily, by just
> > opening the mstsc and entering the machine's IP (192.168.0.1).
> > The problem is, I want to access the 2k3 server from home, and my PF
> > rules aren't working =(
> > I try to connect to the firewall's external IP via the ms terminal
> > service client, but my connection times out...
> >
> > Here's my pf.conf
> <snip ruleset>
>
> What methods have you used to diagnose this?
>
> Read the FAQ page and the man pages.
> http://www.openbsd.org/faq/pf/logging.html
> /usr/bin/man pfctl pflogd tcpdump
>
> Turn on logging for all block rules and start pflogd. Then, try the
> following command and retest the connection attempt:
>
> /sbin/pflogd
> /sbin/ifconfig pflog0 up
> /usr/sbin/tcpdump -netttoi pflog0 port 3389
>
> If you still can't find what's stopping the connection after examining
> pflog0, send the output of the following command back to the list:
>
> /sbin/pfctl -vvvsa