Hi good people !
I need to make a connection from a server which is in LAN1 to a server which
is in LAN3.
And I need to make another connection from that same server which is in
LAN3 to that same server which is in LAN1.
There are 3 different company Ethernets, and I need to make this
connection through my company. There is no way to make a direct VPN from
LAN1 to LAN3 - Business etc.
|---LAN1---------|         |----OpenBSD------|          |------LAN2------|
|-10.210.1.0/24--|<------->|--Router/pf/vpn--|<-------->|-192.168.0.0/24-|
|----------------|         |-----------------|          |----------------|
                                    |
                                    | VPN IPsec over public Internet.
                                    |
|-------LAN3------|        |---Netscreen 5xt---|
|-192.168.30.0/29-|<------>|---Router/pf/vpn---|
|-----------------|        |-------------------|
This VPN is from LAN2 to LAN3
I will make nat, rdr or binat, because I can't give direct access. I need
to control what, where and how can connect.
I tried to make redirect like this:
rdr from 10.210.1.2 to 10.210.1.1 -> 192.168.30.1
But the OpenBSD box can't see the LAN3 network, or the Netscreen box's internal
IP. - I tried ping, telnet, ssh etc.
Of course I can see all of that if I connect from LAN2 or LAN3.
How can I see this server in LAN3 from the OpenBSD box?
Or maybe there is a better way to do that?
In my pf.conf there is no deny rule.
Here is my ipsec.conf:
ike esp from 192.168.0.0/24 to 192.168.30.0/29 \
local x.x.x.x peer x.x.x.x \
main auth hmac-md5 enc 3des \
quick auth hmac-md5 enc 3des \
psk "xxx"
This is an OpenBSD snapshot from 2007.26. Jan. (or something like that).
Best regards
Matiss