Johan Beisser wrote:
On Mon, Jan 25, 2010 at 5:45 AM, Alessandro Baggi
<alessandro.ba...@gmail.com> wrote:
Hi list! I'm setting up a VPN between two OpenBSD firewalls:
This is the scenario:

FW1                      FW2
$ext 192.168.1.33        $ext 192.168.1.2
$int 10.1.1.1            $int 192.168.7.1

$host 10.1.3.53          $host2 192.168.7.2

Then I've made the certificate, client can contact the server, and from the
client I can ping a Linux machine behind the server, and from the Linux machine
to the client.
Then I've tried to get communication with LAN clients behind the VPN client
gw. Then, 192.168.7.2 of FW2's VPN can communicate with 10.1.3.53, but not
vice versa.

Are you permitting traffic from $host through the firewall?

What's your pf.conf?

Have you verified that your firewalls pass other traffic normally?

Hi Johan. Thanks for the answer. I've reduced my pf.conf on client and server side to:

ext="rl0"
int="rl1"

nat on $ext from $int:network -> $ext:0
nat on tun0 from $int:network -> tun0:0

pass all

I can ping from the client LAN of the VPN client the entire server-side LAN, but not vice versa.
