Subject: VPN IPSEC WIRELESS
To: None <tech-net@netbsd.org, netbsd-users@netbsd.org,>
From: ddg <ddg@yan.com.br>
List: netbsd-users
Date: 05/22/2003 20:55:21

I am having problems implementing a VPN; below is a diagram of my network:

  INTRANET
(10.0.0.0/24)
      |
  10.0.0.5
     xl0
NetBSD IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 )
     wi0
192.168.213.10/30
      |
      |
   Wireless
     VPN
      |
      |
192.168.213.9/30
     xl2
FreeBSD NATD ( divert natd all from any to any )
     xl0
200.x.x.5/24
      |
200.x.x.1/24
   Router
      |
      |
  INTERNET

NetBSD Node ( ipsec.conf ):
spdadd 192.168.213.10 0.0.0.0/0 any -P out ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;
spdadd 0.0.0.0/0 192.168.213.10 any -P in ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;

FreeBSD Node ( ipsec.conf ):
spdadd 0.0.0.0/0 192.168.213.10 any -P out ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;
spdadd 192.168.213.10 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;

The connection between the NetBSD and the FreeBSD works correctly.
The problem is when I make a connection from the computer with IP 10.0.0.1 to an IP on the Internet.
I do not know how to write a rule for ipsec.conf that directs the connections from 10.0.0.0/24 into the tunnel.

Does anybody know the solution?

[]s Daniel Dias Gonçalves
ddg@yan.com.br