Problems using a Powerware 5110 (with nut 2.0.3)

Hello, I'm trying to connect to my Eaton Pwoerware 5110 with usb. I have installed OpenBSD 4.0 and nut-2.0.3. The dmesg part for the UPS reads: ugen0 at uhub0 port 2 ugen0: Powerware Powerware UPS, rev 0.20/0.50, addr 6 I tried to configure /etc/nut/ups.conf [UPS] driver = bcmxcp_usb

Re: Why does Anthy dependon emacs? (was Re: japanese input method uim anth )

On Sat, 25 Nov 2006 14:20:12 +0900 [EMAIL PROTECTED] (Mathieu Sauve-Frankel) wrote: > You will notice that emacs is only a BUILD_DEPENDS. It is needed to > build the anthy module for emacs. The ports tree is intended for > BUILDING PACKAGES. If you are not "interested" to install what is > requi

Re: powerpc package updates

I replied to Ben privately already, but the lack of powerpc package snapshots is due to a short term problem with the machine that should get resolved soon... in case others wonder.

Re: pciutils - writing with setpci doesn't work on an Apple Mac mini (Intel)

Sorry to answer myself, but I've found a solution already, thanks to the really perfect OpenBSD documentation (and I'm still quite a beginner). Here's the solution for all who read this list and who want to switch on what the Apple documentation calls "server mode", which is getting a Mac Mini (In

Why does Anthy dependon emacs? (was Re: japanese input method uim anth )

Your timing is excelent - i was literally just starting to look into setting up japanese input on OpenBSD when this message came through. However, I have a question for the maintaner ( ports@ ? ) Why does anthy depend on emacs? On FreeBSD & Linux it certainly doesn't, and I have no interest in c

japanese input method uim anth

Hi , all . i express heartly thanks for the man who Add uim anthy to ports . i now input japanese on konqueror . i simply write down my doing . /etc/rc.local --- echo -n 'starting local daemons:' echo '.' /usr/local/sbin/cups

Re: Software License

On Nov 24, 2006, at 6:28 PM, Joel Goguen wrote: It seems to me that such a license would be too restrictive for many. The goal of OpenBSD (AFAIK) is not to force or coerce lock-in to a single OS - that's Microsoft's turf :) Theo said it best. But software which OpenBSD uses and redistributes m

Re: Software License

It seems to me that such a license would be too restrictive for many. The goal of OpenBSD (AFAIK) is not to force or coerce lock-in to a single OS - that's Microsoft's turf :) Gustavo Rios wrote: > Dear list members, > > i am planning to write a software system and would like to release it > for

Re: Can OpenBSD rfmon WLans

> i actually never tested it with openbsd (why? i can use tcpdump and > hostapd(8) for wireless monitoring). Really?

Re: SiS 964 ethernet with sis(4)?

On 2006/11/25 03:55, Soner Tari wrote: > I'm planning to purchase a motherboard with SiS 661FX/964 chipset. Can I > assume sis(4) driver on OpenBSD 4.0 amd64 supports the ethernet on SiS > 964? Looks like it probably does. http://archives.neohapsis.com/archives/openbsd/2006-06/1627.html Don't kno

SiS 964 ethernet with sis(4)?

I'm planning to purchase a motherboard with SiS 661FX/964 chipset. Can I assume sis(4) driver on OpenBSD 4.0 amd64 supports the ethernet on SiS 964? (In other words, sis(4) mentions SiS 900, does it mean 9xx?) Thanks,

Re: Java firefox plugin

On Fri, 2006-24-11 at 14:29 -0800, Greg Thomas wrote: > On 11/24/06, ICMan <[EMAIL PROTECTED]> wrote: > > Hello, > > > > When I compiled the JDK 1.5 in ports, it did not create a plugin for > > Firefox, or if it did, I can't find it. Can anyone help? I would like > > to install the plugin for my

tampering with suspect's cars

In the San Francisco bay area the F--B-I tamper with suspects cars. They put an oily substance in my windshield waasher, loosened suspension components, removed wheel weights, put nails in tires,etc.. Has any of his happened in Huntsville alabama? I have often warned the corrupt tails that ta

RFC on XMLSysInfo, and Thanks for the joyride!

Hi, many moons ago, I mentioned the system monitor I wrote in some thread here on misc@, as it was possibly useful for someone then. I continued working on it, and it has come a long way since. Initially written on and for OpenBSD, it now also runs on FreeBSD, NetBSD, Linux, Solaris, and a b

Re: Software License

On Fri, Nov 24, 2006 at 08:49:43PM -0200, Gustavo Rios wrote: > Dear list members, > > i am planning to write a software system and would like to release it > for the community. But, i would like to promote, some how, people > usage of OpenBSD operating system, no one else. > > My ideia is to ela

Re: Software License

this sounds like a really bad joke to me... On Fri, Nov 24, 2006 at 08:49:43PM -0200, Gustavo Rios wrote: > Dear list members, > > i am planning to write a software system and would like to release it > for the community. But, i would like to promote, some how, people > usage of OpenBSD operating

dns working but problem w etherape

I thought I'd check to see if anyone here have been here... OK, having gotten X up, etherape installed, I'm getting a complaint that "No nameservers defined. I've tested the local dns every way but Sunday, and it all seem to work just fine. I got a local LAN under RFC1918. I can do both forwar

Software License

Dear list members, i am planning to write a software system and would like to release it for the community. But, i would like to promote, some how, people usage of OpenBSD operating system, no one else. My ideia is to elaborate a license that allows only for openbsd installation to have installe

Re: New Article

On Friday, November 24, 2006, at 22:43:18, Chris wrote: > This site is a riot! it makes fun of all the OS's i.e. NetBSD: http://uncyclopedia.org/wiki/NetBSD "NetBSD (interNET Bourne Sexual Disease) is a computer virus" :-P Anyway, I think "real men write their own device drivers" should be motto

pciutils - writing with setpci doesn't work on an Apple Mac mini (Intel)

Hello! :-) I try to set a register using the package pciutils-2.2.1.tgz to switch "server mode" on (automatic reboot after power failture) on an Apple Mac mini (Intel), though it doesn't work so far. Basically I use -current with a GENERIC.MP kernel, but with ACPI enabled: # cat /usr/src/sys/ar

Re: Java firefox plugin

On 11/24/06, ICMan <[EMAIL PROTECTED]> wrote: Hello, When I compiled the JDK 1.5 in ports, it did not create a plugin for Firefox, or if it did, I can't find it. Can anyone help? I would like to install the plugin for my Firefox implementation pkg_info -M jdk Also, is there any informatio

Re: New Article

Brian O'Sullivan wrote: > Has anyone seen > http://uncyclopedia.org/wiki/OpenBSD ? > Quite informative. > This site is a riot! it makes fun of all the OS's -- Best regards, Chris Never eat at a place called moms, never play cards with a man named doc, and never lie down with a woman who has g

Re: ipsecctl setting up multiple SAs

On Fri, Nov 24, 2006 at 05:22:05PM +0100, H?kan Olsson wrote: > 5. the selected SPI (or "larval" SA state) on the local system is > updated with the keying material, timeouts etc - i.e the "real" SA is > finalized > > This continues until all negotiations are complete -- however there > is a

Java firefox plugin

Hello, When I compiled the JDK 1.5 in ports, it did not create a plugin for Firefox, or if it did, I can't find it. Can anyone help? I would like to install the plugin for my Firefox implementation Also, is there any information about other plugins for Firefox which have been ported to Ope

Re: Mail to 'misc' being forwarded to 'ports'?

On Fri, Nov 24, 2006 at 10:33:35AM -0500, Alden Pierre wrote: > This happens to me as well and unfortunately I don't know how to remedy > this problem. OK, I actually read those headers this time, and I think I have a clue now. Look: > >Received: from wx-out-0506.google.com (wx-out-0506.google.c

Re: on the remote root login in OpenSSH

On Fri, 24 Nov 2006, Paul de Weerd wrote: > Hi Dave, > > On Fri, Nov 24, 2006 at 01:50:52AM -0500, Woodchuck wrote: > | At worst you have a small window during installation in which root > | logins are allowed, before you shut them off by chroot'ing as Paul > | outlined in his post. > > I'm not

Re: wirless LAN - DWL-G120 on OPENBSD 4.0

It is based on the Conexant Prism54 USB2.0 chipset which is not currently supported in OpenBSD. If you send it to me I may consider writing a driver for it on a rainy day ;-) Damien | Is any one working on this driver? | I have D-LINK DWL-G120 USB wireless. | dmesg shows some thing like this | -

Re: Is RAIDframe good for production?

On Fri, 24 Nov 2006, Igor Goldenberg wrote: > So, what's better - to have base system partially on RAID or only for > custom data or not to use RAID at all? > We use RAIDFrame all the time, but *ONLY* on production servers with totally reliable power. We used to use it for customer machines, but w

New Article

Has anyone seen http://uncyclopedia.org/wiki/OpenBSDhttp://uncyclopedia.org/wiki/OpenBSD ? Quite informative. _ The new Windows Live Toolbar helps you guard against viruses http://toolbar.live.com/?mkt=en-gb

Unlock your ePassporte Online Account

WARNING! We've noticed that you experienced trouble logging into ePassporte Online Account. After three unsuccessful attempts to access your account, your ePassporte Online Profile has been locked. This has been done to secure your accounts and to protect your private information. ePassporte is co

Re: powerpc package updates

You want to ask pvalchev@ about that. On (24/11/06 08:46), Ben Calvert wrote: > I notice that while some platforms ( i386, amd64, sparc64 ) get their > current packages rebuilt somewhat frequently, the powerpc platform is > over 30 days old. > > Is this due to a hardware shortage? Would getting

Re: crash on 4.0 (but no ddb)

> >I'm not sure what to do at this point. I'll run memtest86 tonight, but > >I'm very skeptical that it will reveal any hardware problems. This > >machine started acting strange the next day after I upgraded it to 4.0, > >and I can't recall a single crash during the 3.7 - 3.9 releases. I've had

Re: Mail to 'misc' being forwarded to 'ports'?

On Fri, Nov 24, 2006 at 08:20:02AM -0700, Darrin Chandler wrote: > On Fri, Nov 24, 2006 at 02:52:23PM +, Brian Candler wrote: > > I'm getting the following when posting to 'misc'. Is this known and/or > > intentional? > > > > I'm not bcc'ing to 'ports' - honest! > > Something weird is going o

powerpc package updates

I notice that while some platforms ( i386, amd64, sparc64 ) get their current packages rebuilt somewhat frequently, the powerpc platform is over 30 days old. Is this due to a hardware shortage? Would getting someone to donate an Xserve help? - Hobbes : Well, you still have afternoons and

Re: ipsecctl setting up multiple SAs

On 24 nov 2006, at 13.12, Brian Candler wrote: ... Time(s) Num flows --- - 10 606 20 976 30 1286 40 1384 50 1768 60 1946 70 1946 .. And there it stops, never reaching 2000 (in+out). But I find the following in /var/log/messages:

Re: crash on 4.0 (but no ddb)

From: "Stephen Takacs" <[EMAIL PROTECTED]> Sent: Friday, November 24, 2006 9:35 AM ---snip--- I'm not sure what to do at this point. I'll run memtest86 tonight, but I'm very skeptical that it will reveal any hardware problems. This machine started acting strange the next day after I upgraded i

Re: Why Sendmail?

Martin, Why being so nice? Fear of widening openbsd customer base? /Paolo On Nov 23, 2006, at 2:44 PM, Martin Schrvder wrote: Search the archives, you troll

Re: Mail to 'misc' being forwarded to 'ports'?

This happens to me as well and unfortunately I don't know how to remedy this problem. Regards, Alden Brian Candler wrote: I'm getting the following when posting to 'misc'. Is this known and/or intentional? I'm not bcc'ing to 'ports' - honest! Regards, Brian. Return-path: <[EMAIL PROTECTED]>

Re: X.org on Sun Ultra 10

Christian Ruediger Bahls wrote: > i post this to the list so it shows up in the web > should somebody have the some problem > (if you see any mistake please do not hesitate to contact me) > > i hat problems setting up X.org for an Ultra 10 > (i normally use that machine remote so X is less importa

Re: on the remote root login in OpenSSH

Hi Dave, On Fri, Nov 24, 2006 at 01:50:52AM -0500, Woodchuck wrote: | At worst you have a small window during installation in which root | logins are allowed, before you shut them off by chroot'ing as Paul | outlined in his post. I'm not sure I understand, what window is this ? Before (and after)

Re: Mail to 'misc' being forwarded to 'ports'?

On Fri, Nov 24, 2006 at 02:52:23PM +, Brian Candler wrote: > I'm getting the following when posting to 'misc'. Is this known and/or > intentional? > > I'm not bcc'ing to 'ports' - honest! Something weird is going on, and various things are ending up in ports@ that don't belong there. Someone

Re: IPSec roadwarrior configuration?

On Fri, Nov 24, 2006 at 07:54:49AM -0600, Albert Chin wrote: > On Fri, Nov 24, 2006 at 07:35:10PM +0900, Mathieu Sauve-Frankel wrote: > > > > Now VPN-A has this in ipsec.conf: > > > > ike passive esp from any to any srcid [EMAIL PROTECTED] dstid > > > > [EMAIL PROTECTED] > > > > If you need to sup

Re: Mail to 'misc' being forwarded to 'ports'?

On Fri, Nov 24, 2006 at 02:52:23PM +, Brian Candler wrote: > I'm getting the following when posting to 'misc'. Is this known and/or > intentional? > > I'm not bcc'ing to 'ports' - honest! I got a couple odd messages from ports yesterday, which I'm pretty certain I never subscribed to. It was o

Re: Mail to 'misc' being forwarded to 'ports'?

Brian Candler wrote: > I'm getting the following when posting to 'misc'. Is this known and/or > intentional? > > I'm not bcc'ing to 'ports' - honest! > > Regards, > > Brian. ... Yeah, someone did something annoying with their mail account. The right people to fix it are trying to be contacted..

SCSI and several adapters on the same bus

Hello, does OpenBSD handle several adapters on the same SCSI bus? Clarifying: Several adapters of course with different SCSI ids, but connected via one cable on the same SCSI bus. It may happen that I have a need for this, so would be fine to read which experiences [EMAIL PROTECTED] have. Have

Mail to 'misc' being forwarded to 'ports'?

I'm getting the following when posting to 'misc'. Is this known and/or intentional? I'm not bcc'ing to 'ports' - honest! Regards, Brian. Return-path: <[EMAIL PROTECTED]> Envelope-to: [EMAIL PROTECTED] Delivery-date: Fri, 24 Nov 2006 14:50:00 + Received: from [127.0.0.1] (helo=mappit.linnet.o

Re: crash on 4.0 (but no ddb)

This machine has been locking up randomly once or twice a day on average, but always when X is running. So I've been leaving it in console mode at night, hoping it crashes into ddb... Last night it crashed, but unfortunately, it didn't go into ddb on its own, and the ddb.console Ctl-Alt-Esc key s

Re: SFTP only access to sshd

Damien Miller wrote on Fri, Nov 24, 2006 at 12:04:15PM +1100: > On Thu, 23 Nov 2006, Ingo Schwarze wrote: > >> From time to time, people come here to ask: >> How can i set up an account for SFTP only, forbidding shell access? >> >> One common answer is scponly, http://sublimation.org/scponly/wiki

Re: raidctl: ioctl (RAIDFRAME_CONFIGURE) failed on 4.0 amd64 for RAID 1 (mirroring)

I am not sure whether this is relevant or not, but in my conf pseudo-device raid 4 is defined before option RAID_AUTOCONFIG. Vijay On Fri, 2006-24-11 at 11:17 +0530, Siju George wrote: > On 11/24/06, Joachim Schipper <[EMAIL PROTECTED]> wrote: > > On Wed, Nov 22, 2006 at 10:35:52PM +0530, Siju G

Re: IPSec roadwarrior configuration?

On Fri, Nov 24, 2006 at 07:35:10PM +0900, Mathieu Sauve-Frankel wrote: > > > Now VPN-A has this in ipsec.conf: > > > ike passive esp from any to any srcid [EMAIL PROTECTED] dstid > > > [EMAIL PROTECTED] > > If you need to support more than one user in you roadwarrior setup. > Then don't set dstid

X.org on Sun Ultra 10

i post this to the list so it shows up in the web should somebody have the some problem (if you see any mistake please do not hesitate to contact me) i hat problems setting up X.org for an Ultra 10 (i normally use that machine remote so X is less important) this machine has a Creator3D Framebuffe

Re: on the remote root login in OpenSSH

[2006-11-24 11:26] Woodchuck <[EMAIL PROTECTED]> wrote: > You know, I seem to recall that many versions ago (maybe even as far > back as 2.xx) root login on ssh *was* disallowed by default. > I recall being bitten by it, too, on "remote" (other-side-of-the-room) > installations on headless machines

Re: ipsecctl setting up multiple SAs

Hans-Joerg Hoexer wrote: > more correct diff: Cool. It occurs to me that the protocol ought to be included as well though: e.g. [IPsec-10.1.1.6:1-10.1.1.1:1701-17] That's because (in theory) you might have one SA for UDP and another SA for TCP. Other possibilities would be: [IPsec-10.1.1.6

Has anyone tried to install OpenBSD (PPC) on PS3?

Eventhough I know OpenBSD main purpose isn't game related, it would be interesting to see it running on a PS3, even for benchmark-only purposes. Did anyone already get one?

Re: syslog.conf question: log into a separate file, but not into /var/log/messages

Alexander Farber wrote: I've read "man syslog.conf" several times, especially this passage: !!prog causes the subsequent block to abort evaluation when a message matches, ensuring that only a single set of actions is taken. !* can be used to ensure that any ensuing blocks are furth

Re: ipsecctl setting up multiple SAs

On Fri, Nov 24, 2006 at 10:22:26AM +, Brian Candler wrote: > To answer my own question: inspired by the output of ipsecctl, I wrote a > perl program (attached) to generate a suitable isakmpd.conf (also attached), > and this appears to work just fine. And now I seem to have hit some sort of sca

Is RAIDframe good for production?

Hello, I have a question about RAIDframe driver (using in RAID1 mode). GENERIC kernel doesn't support it, so it's need to compile custom kernel. As described in FAQ it's not recommended. Also additional complexity for kernel is not good as I think. And upgrade from one release to another (the n

Re: syslog.conf question: log into a separate file, but not into /var/log/messages

Thanks Otto, that was it On 11/24/06, Otto Moerbeek <[EMAIL PROTECTED]> wrote: >!!pref >*.*/var/log/pref > > Now no messages at all are written into /var/log/messages :-/ > Add the end marker !* after the *.* line -Ott

Re: ipsecctl setting up multiple SAs

more correct diff: Index: ike.c === RCS file: /cvs/src/sbin/ipsecctl/ike.c,v retrieving revision 1.54 diff -u -p -r1.54 ike.c --- ike.c 24 Nov 2006 08:07:18 - 1.54 +++ ike.c 24 Nov 2006 10:46:19 - @@ -38,17 +3

Re: syslog.conf question: log into a separate file, but not into /var/log/messages

Hi Marcus, On 11/24/06, Marcus Popp <[EMAIL PROTECTED]> wrote: > Can anyone please give me a hint? read man syslog.conf read my original mail. Can you imagine, that I've read the man page, but it is just not good enough for me (or vice versa)? Regards Alex -- http://preferans.de

Re: syslog.conf question: log into a separate file, but not into /var/log/messages

On Fri, 24 Nov 2006, Alexander Farber wrote: > Hi, > > I've read "man syslog.conf" several times, especially this passage: > > !!prog causes the subsequent block to abort evaluation when a message > matches, ensuring that only a single set of actions is taken. !* can be > used to en

Re: on the remote root login in OpenSSH

On 2006/11/23 17:07, Igor Sobrado wrote: ... > to set up a firewall with an ever-growing list of hostile machines. ... I think you misunderstand me. I mean to restrict direct SSH access to only those networks which need access, not to block attackers when you see them. Authorized users would eithe

Re: syslog.conf question: log into a separate file, but not into /var/log/messages

Hi Alexander, On 2006-11-24T10:50, Alexander Farber wrote: > Then I've added a second "!" and moved those 2 lines to > the top of /etc/syslog.conf: > >!!pref >*.*/var/log/pref > > Now no messages at all are written into /var/log

Re: pflogd: Failed to initialize: /dev/bpf0

On Wed, 22 Nov 2006 22:19:37 +0200, Berk D. Demir wrote: > This permission problem smells like a mixed kernel and userland match > or a version spaghetti to me. > > Please try a recent snapshot if possible. In case you want to run > -stable, make a _clean_ build. Sounds reasonable. Only, I did

Re: syslog.conf question: log into a separate file, but not into /var/log/messages

On 2006/11/24 10:50, Alexander Farber wrote: > I've read "man syslog.conf" several times, especially this passage: ... > but don't understand it and how to adapt it for my purpose: see the 'examples' section where this is demonstrated.

Re: IPSec roadwarrior configuration?

> > Now VPN-A has this in ipsec.conf: > > ike passive esp from any to any srcid [EMAIL PROTECTED] dstid > > [EMAIL PROTECTED] If you need to support more than one user in you roadwarrior setup. Then don't set dstid. -- Mathieu Sauve-Frankel

Re: ipsecctl setting up multiple SAs

Hi, On Fri, Nov 24, 2006 at 09:45:45AM +, Brian Candler wrote: > I'm trying to set up multiple transport mode SAs between an OpenBSD 4.0 box > and a Cisco 7301 running IOS [ultimate reason is to load test multiple L2TP > over IPSEC tunnels]. > > Each SA is between the same two IP endpoints bu

Problem with Routerboard 44 quad port ethernet card

Hi, I'm building a firewall with 6 ethernet interfaces. It's a Tyan S2425 mobo with 2 onboard NICs and added quad port Routerboard 44 card on a 1U PCI riser card. The problem is that vr0 does not work. It's detected with MAC address ff:ff:ff:ff:ff:ff and the PHY for vr0 is not detected. vr1, vr2,

Re: on the remote root login in OpenSSH

On Fri, Nov 24, 2006 at 07:06:17AM +0100, Bill Maas wrote: > Hi, > > how about this one: > > PermitRootLogin 192.168.1 > > Should any of the SSH maintainers be reading this: possible new SSH > feature? I believe you can actually do this with the Match directive, although I'd need to spend more

Re: ipsecctl setting up multiple SAs

On Fri, Nov 24, 2006 at 09:45:45AM +, Brian Candler wrote: > Looking at this, it seems that the last entry in /etc/ipsec.conf has taken > precedence over the others. > > Is there a way to achieve what I'm trying to do, either using ipsecctl, or > manually configuring isakmpd? To answer my own

Re: on the remote root login in OpenSSH

In message <[EMAIL PROTECTED]>, chefren writes: > Hello Igor, Hello Chefren. > You missed the crux of quite a few important points that Nick tried to > explain to you. Indeed, I have carefully read his post. He certainly explains some important points related with sshd. He is certainly right.

syslog.conf question: log into a separate file, but not into /var/log/messages

Hi, I've read "man syslog.conf" several times, especially this passage: !!prog causes the subsequent block to abort evaluation when a message matches, ensuring that only a single set of actions is taken. !* can be used to ensure that any ensuing blocks are further evaluated (i.e. ca

Re: IPSec roadwarrior configuration?

On 24/11/06, Albert Chin <[EMAIL PROTECTED]> wrote: On Thu, Oct 12, 2006 at 10:07:27AM +0200, viq wrote: > Say, VPN-A is the VPN box, VPN-B is the roadwarrior. On VPN-A you need > to enable packet forwarding, and pf as you will need NAT: > nat on $ext_if from !($ext_if) -> ($ext_if:0) > This is b

[EMAIL PROTECTED]:/cvs

cvs -q -d [EMAIL PROTECTED]:/cvs up -r OPENBSD_4_0 -Pd No space left on device Can someone please clean up ? Thanks ! Uwe

ipsecctl setting up multiple SAs

Hello, I'm trying to set up multiple transport mode SAs between an OpenBSD 4.0 box and a Cisco 7301 running IOS [ultimate reason is to load test multiple L2TP over IPSEC tunnels]. Each SA is between the same two IP endpoints but specifies a different UDP port pair. I was able to get a single SA

Re: demystify enc interface

On Thu, Nov 23, 2006 at 02:47:14PM +0100, Camiel Dobbelaar wrote: > I think this tells me that I can see unencrypted/unencapsulated traffic on > enc0. yes. > However, with tcpdump I see this: > > 14:09:27.894326 (authentic,confidential): SPI 0x728aafc9: 86.90.xx.xx > > 62.58.xx.xx: 192.168.2.3

Re: Why Sendmail?

Thanks, I get it now. Have installed my favourite MTA (it was so much easier on openBSD than other systems I have tried (gentoo/redhat/netBSD) which is nice). I will set up all important root/postmaster mail accounts etc to make sure I get the system emails (they are a bonus too). BTW the

Re: IPSec roadwarrior configuration?

On Thu, Oct 12, 2006 at 10:07:27AM +0200, viq wrote: > Say, VPN-A is the VPN box, VPN-B is the roadwarrior. On VPN-A you need > to enable packet forwarding, and pf as you will need NAT: > nat on $ext_if from !($ext_if) -> ($ext_if:0) > This is because packets from VPN-B will leave VPN-A with VPN-B'