I am having problems in the implementation of a VPN, below made a project of my
net:
INTRANET
(10.0.0.0/24)
|
10.0.0.5
xl0
NetBSD IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 )
wi0
192.168.213.10/30
|
|
Wireless
VPN
|
|
192.168.213.9/30
xl2
FreeBSD NATD ( divert natd all from any to any )
xl0
200.x.x.5/24
|
200.x.x.1/24
Router
|
|
INTERNET
NetBSD Node ( ipsec.conf ):
spdadd 192.168.213.10 0.0.0.0/0 any -P out ipsec
esp/tunnel/192.168.213.10-192.168.213.9/require;
spdadd 0.0.0.0/0 192.168.213.10 any -P in ipsec
esp/tunnel/192.168.213.9-192.168.213.10/require;
FreeBSD Node ( ipsec.conf ):
spdadd 0.0.0.0/0 192.168.213.10 any -P out ipsec
esp/tunnel/192.168.213.9-192.168.213.10/require;
spdadd 192.168.213.10 0.0.0.0/0 any -P in ipsec
esp/tunnel/192.168.213.10-192.168.213.9/require;
The connection between the NetBSD and the FreeBSD work correctly.
The problem is when I make a connection of the computer with IP 10.0.0.1 to an
IP in the Internet.
I do not know to make a rule for ipsec.conf that he makes with that the
connections of 10.0.0.0/24 are directed for inside of tunnel.
Somebody knows the solution?
[]s Daniel Dias Gonçalves
f22@netbsd.com.br
----