[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD 3.0, NAT, and pptp...

To: tech@openbsd.org
Subject: Re: OpenBSD 3.0, NAT, and pptp...
From: josh <dorqus@bsdfreek.com>
Date: Sun, 2 Dec 2001 00:26:18 -0500
Content-Disposition: inline
References: <000001c17abb$bd1f9080$056ea8c0@fuzz>
User-Agent: Mutt/1.2.5i

Steve Jost wrote...
> Hello, I have a quick question about a win2k client behind a NAT
> connecting to a Win2k RAS server.  Using OpenBSD as the router, the
> connection gets to 'verifying username and password' on the client and
> then fails.  It used to be working when my router was windows2000 (I
> switched to win2k for this reason but couldn't stand it).  What do I
> need to add in the nat.conf and the pf.conf to make this work?  I found
> a tutorial on how to make it work with ipfilter, not with pf.  The way
> my network is setup is
>  
> 192.168.0.2/32 ========= 192.168.0.1/32 dc0 OpenBSD 3.0 de0
> 158.222.46.214/32 ========= Internet/Win2k RAS
> (Business laptop)
> (Router) 
>  
> Is this even possible with OpenBSD?  I have read a few things that say
> it's not possible, and a few that say it is, maybe you could shed some
> light on this subject.  Thanks.

Yes, just disable GRE protocol in your kernel on the firewall,
and setup a rule to pass gre *thru* the firewall.
Also you'll need outbound TCP and UDP ports 1701.
Sorry, I'm not using pf, but what I told you should be
enough to go on :)

-- 
josh
    Don't be fooled by cheap finnish imitations ; BSD is the One True Code

References:
- OpenBSD 3.0, NAT, and pptp...
  - From: "Steve Jost" <steve@fuzzysoft.wox.org>

Prev by Date: Re: RealTek 8139 / compaq 1200
Next by Date: Kernel debug question
Prev by thread: OpenBSD 3.0, NAT, and pptp...
Next by thread: Kernel debug question
Index(es):
- Date
- Thread