
Novell VPN client/server + binat ?



Hi *,

The Situation.

A Novell VPN-Client wants to access a nat'ed VPN-Server behind an OpenBSD firewall/router (static public ip, private static ip). The client dials in to the Inet and connects to the OBSD public static ip.
The Server resides in the private Network (192.168.0.203) behind OBSD.


The following ports and protocols are used between the client  + server:

Port 353 tcp/udp  - ndsauth  (natable)
Port 2010 udp      -  pipeserver (natable)

Protocol  57 skip - not natable ( encrypted data )


I read a lot about binat in this list, but the more I read the more my brain mutates to spaghetti. ;)


Is there a way to solve the problem of not natting Protocol 57 via binat, with a second public ip for example, and what is the rule for that?

------pf.conf section-----------
# /etc/pf.conf  OBSD-3.2-snapshot  nat / rdr / pf is handled in pf.conf now
ext_if="tl0"
# xl0=192.168.0.202
int_if="xl0"
# Novell VPN server on the private network
vpn_server="192.168.0.203"

binat .... ?????
-------------------------------

lots of thanks for every hint


Dave


