On 4/29/08, Wade Blackwell <[EMAIL PROTECTED]> wrote: > Good morning PFsense fans, > Greetings from the starting to get sunny Northwest. I am not sure if > what I am trying can be done or not. In concept I know it's possible but > I am not seeing the desired results where the rubber meets the road. > Basic setup is this; > > Network A > 1.1.1.1/24 > | > | > | > I-net----PF---PPTP clients 3.3.3.3/28 > | > | > | > IPsec tunnel to 2.2.2.0/24 > > Goal: To have PPTP clients connect in and connect to the PF and then > have access to 2.2.2.0/24 over the IPsec tunnel. The tricky part (I am > assuming) is that for the tunnel to come up the PPTP clients to bring > the IPsec tunnel up they need to be sourced from 1.1.1.0/24. What I did, > attempting to make this work, was to setup the advanced outbound NAT > allowing all PPTP clients destined for 2.2.2.0/24 to be natted with the > interface IP of network A. I am running 1.2-RC2 if that has any bearing. > If anyone has tried this or has some insight I would be stoked. Thanks > all. > -- > Wade B
Make sure a static route exists on 2.2.2.0/24 to point back to 1.1.1.0./24 if I am reading this correctly. I have not tried this, so YMMV. Scott --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
