Subject: Re: VPN and routing
To: None <tech-net@NetBSD.org>
From: Steve Pribyl <spribyl@peel.com>
List: tech-net
Date: 10/17/2007 08:46:22
Matthias,

Thanks for the redirect.

Matthias Scheler wrote:
> [This really belongs on "tech-net@NetBSD.org"]
> 
> On Mon, Oct 15, 2007 at 02:08:53PM -0500, Steve Pribyl wrote:
>> How do I get my netbsd box to route on the same network?
>>
>> 192.168.0.0/24--->[netbsd box 192.168.0.1]
>>                                   ^
>>                                   |
>> [via IPSEC VPN 192.168.0.200/24]--|
>>
>> The netbsd box is running 4.0 rc2 racoon and pf.
>>
>> How do I get the netbsd box to "listen" for vpn destined traffic, or is 
>> this just not the way to do it?
> 
> I'm not sure whether I understand your problem correctly:
> 1.) You have a bunch of machines which are connected to the network
>     192.168.0.0/24.
> 2.) You want a NetBSD machine connected to this network to route IP packets
>     to another machine using the IP address 192.168.0.1 over an
>     IPsec VPN link.
> 3.) You don't want to have to configure the other machines connected to
>     192.168.0.0/24 to route packets to 192.168.0.1 over the NetBSD box.
> 
> Is that your problem?
Almost.

I have a vpn server at 192.168.0.1.
A vpn client is at 192.168.0.200.
There are other boxes on 192.168.0.0/24.

Traffic from the local network boxes to 192.168.0.200 needs to be routed 
by the vpn server.

I have done something like this using ssh/ppp/iptables/linux and did not 
need to set up routing on the local network nodes.

Steve Pribyl
Infrastructure Practitioner