<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: behind openbsd firewall
From: Alex Morales <amorales,AT,aaamerica,DOT,com,DOT,mx>
Date: Mon, 23 Dec 2002 18:07:25 +0100
In-reply-to: <20021223155219.GA23138@ns.snowman.net>

Yes, if the "Box A" use a Public IP Address...

ALex

On Mon, 23 Dec 2002, James Moss wrote:

> Will that work for a machine that is using a privnet IP?  Everything
> behind box A is nat'd to a 192.168.4.0/24 set.
>     -James
>
> Alex Morales (amorales,AT,aaamerica,DOT,com,DOT,mx) wrote:
> >
> >
> >
> > use binat with pf:
> >
> > Box A -> <Internet> <- Box B <- Box C
> >
> >
> > #rule cipe for OpenBSD Box B
> > binat on xl0 proto udp from C  to A   -> B
> >
> >
> >
> >
> > On Sun, 22 Dec 2002, James Moss wrote:
> >
> > > I've been searching for information on how exactly to go about making
> > > cipe work from behind an OpenBSD firewall/gateway, but haven't been
> > > succesful.  Searching the archives returns a 404 with the information:
> > > The requested URL /~W1011/cgi-bin/htsearch was not found on this server.
> > >
> > > If anyone has experience in doing this, or can point me to information
> > > on this I'd appreciate it.  I'm fairly confident that the tunnel works,
> > > as it did work prior to having the OpenBSD firewall/gateway in place.
> > >
> > > The setup is as follows:
> > >
> > > Box A -> <Internet> <- Box B <- Box C
> > >
> > > previously working was:
> > > Box A -> <Internet> <- Box C
> > >
> > > Box A and Box C are running cipe.  From the information I've gathered,
> > > it could be as easy as adding a route to Box B to allow safe connection
> > > from Box C to Box A, but I haven't had any luck.  As I said previously,
> > > feel free to point me in the correct direction.  Thanks.
> > >     -James
> > >
> > > --
> > > Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> > > Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> > > Other commands available with "help" in body to the same address.
> > > CIPE info and list archive: 
><URL:http://sites.inka.de/~bigred/devel/cipe.html>
> > >
> >
> > --
> >
>
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: 
><URL:http://sites.inka.de/~bigred/devel/cipe.html>
>

-- 





<< | Thread Index | >> ]    [ << | Date Index | >> ]