Re: behind openbsd firewall|
Alex Morales <amorales,AT,aaamerica,DOT,com,DOT,mx>|
Mon, 23 Dec 2002 16:58:48 +0100|
use binat with pf:
Box A -> <Internet> <- Box B <- Box C
#rule cipe for OpenBSD Box B
binat on xl0 proto udp from C to A -> B
On Sun, 22 Dec 2002, James Moss wrote:
> I've been searching for information on how exactly to go about making
> cipe work from behind an OpenBSD firewall/gateway, but haven't been
> succesful. Searching the archives returns a 404 with the information:
> The requested URL /~W1011/cgi-bin/htsearch was not found on this server.
> If anyone has experience in doing this, or can point me to information
> on this I'd appreciate it. I'm fairly confident that the tunnel works,
> as it did work prior to having the OpenBSD firewall/gateway in place.
> The setup is as follows:
> Box A -> <Internet> <- Box B <- Box C
> previously working was:
> Box A -> <Internet> <- Box C
> Box A and Box C are running cipe. From the information I've gathered,
> it could be as easy as adding a route to Box B to allow safe connection
> from Box C to Box A, but I haven't had any luck. As I said previously,
> feel free to point me in the correct direction. Thanks.
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: