Subject: Fw: VPN IPSEC WIRELESS
To: None <current-users@netbsd.org, tech-net@netbsd.org,>
From: Daniel Dias Goncalves <ddg@yan.com.br>
List: current-users
Date: 09/09/2003 13:43:15
Begin forwarded message:

Date: Thu, 22 May 2003 20:58:30 --300
From: "ddg" <ddg@yan.com.br>
To: freebsd-config@freebsd.org, freebsd-security@freebsd.org, freebsd-hackers@freebsd.org, freebsd-net@freebsd.org
Subject: VPN IPSEC WIRELESS


I am having problems with the implementation of a VPN. Below I made a diagram of my network:

  INTRANET
(10.0.0.0/24)
      |
  10.0.0.5
     xl0
NetBSD IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 )
     wi0
192.168.213.10/30
      |
      |
   Wireless
     VPN
      |
      |
192.168.213.9/30
     xl2
FreeBSD NATD ( divert natd all from any to any )
     xl0
200.x.x.5/24
      |
200.x.x.1/24
   Router
      |
      |
  INTERNET

NetBSD Node ( ipsec.conf ):
spdadd 192.168.213.10 0.0.0.0/0 any -P out ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;
spdadd 0.0.0.0/0 192.168.213.10 any -P in ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;

FreeBSD Node ( ipsec.conf ):
spdadd 0.0.0.0/0 192.168.213.10 any -P out ipsec esp/tunnel/192.168.213.9-192.168.213.10/require;
spdadd 192.168.213.10 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.213.10-192.168.213.9/require;

The connection between the NetBSD and the FreeBSD works correctly.
The problem is when I make a connection from the computer with IP 10.0.0.1 to an IP on the Internet.
I do not know how to make a rule for ipsec.conf so that the connections from 10.0.0.0/24 are directed inside the tunnel.

Does somebody know the solution?

[]s Daniel Dias Gonçalves
f22@netbsd.com.br