Quote:
On the other side is an ethernet interface fxp0 which connects to a dsl box and from there to the internet. The IP for fxp0 is assigned via dhcp from the dsl box within a different subnet than ne3. This is internal_interface_2 in pf rules.
OpenVPN is realized through tun0 interface. This is the "external" interface in pf rules.
This is confusing.
Most people would call the fxp0 interface external, because it faces the public Internet. All interfaces connected to the internal LAN are called internal interfaces. In your case ne3 and athn0.
RE: OpenVPN
I only wanted to know whether you were using an OpenVPN service provider or running an OpenVPN server on your firewall.server.
If OpenVPN works for the clients on the wired LAN (those connected to the ne3 NIC), then I don't understand why the OpenVPN clients on the wireless LAN (athn0 interface) have problems connecting.
One possible issue could be that both wireless and OpenVPN use the 10/? net.
From your previously posted info:
Quote:
10.0.x.x/24 are the IPs for vpn.
and
Code:
$ grep tun0 netstat.sws
0/1 10.0.x.x UGS 0 2562 - 8 tun0
10.0.x.x/32 10.0.x.x UGS 0 0 - 8 tun0
10.0.x.x 10.0.x.x UH 3 0 - 4 tun0
128/1 10.0.x.x UGS 0 2049 - 8 tun0
So the question is which prefix size does the 10.0.0.0 network have?
One simple way would be to use something like the 10.88.0.0/16 network for athn0.
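
The overlap check discussed in the post, as an added example that is not part of the original post: it parses route lines in the layout quoted above, lists the tun0 routes that fall inside a wireless subnet, and shows which interface a longest-prefix match selects. The post redacts its addresses, so every address in the sample, including the assumption that athn0 sits on 10.0.0.0/16, is constructed; the function names are hypothetical.

```python
import ipaddress

# Constructed sample in the layout of the netstat lines quoted in the post.
# The post redacts its addresses (10.0.x.x); every value below is invented,
# including the assumption that athn0 sits on 10.0.0.0/16.
SAMPLE_ROUTES = """\
0/1          10.0.8.5   UGS  0  2562  -  8  tun0
10.0.8.1/32  10.0.8.5   UGS  0     0  -  8  tun0
10.0.8.5     10.0.8.6   UH   3     0  -  4  tun0
128/1        10.0.8.5   UGS  0  2049  -  8  tun0
10.0/16      link#3     UC   1     0  -  4  athn0
"""

def expand(dest):
    """Expand a BSD-abbreviated destination: '128/1', '10.0/16', or a bare host."""
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"), strict=False)

def parse(text):
    """Return (network, interface) for each route line (8 columns, interface last)."""
    rows = (line.split() for line in text.splitlines())
    return [(expand(f[0]), f[-1]) for f in rows if len(f) >= 8]

def conflicts(routes, subnet, iface):
    """Routes on other interfaces, more specific than a /1, that overlap subnet."""
    net = ipaddress.ip_network(subnet)
    return [(str(n), i) for n, i in routes
            if i != iface and n.prefixlen > 1 and n.overlaps(net)]

def egress(routes, host):
    """Longest-prefix match: the interface the routing table selects for host."""
    ip = ipaddress.ip_address(host)
    matches = [(n.prefixlen, i) for n, i in routes if ip in n]
    return max(matches)[1] if matches else None

ROUTES = parse(SAMPLE_ROUTES)

if __name__ == "__main__":
    print(conflicts(ROUTES, "10.0.0.0/16", "athn0"))   # current wireless net
    print(conflicts(ROUTES, "10.88.0.0/16", "athn0"))  # net suggested in the post
    print(egress(ROUTES, "10.0.8.1"), egress(ROUTES, "10.0.3.20"))
```

The two /1 routes together cover the whole IPv4 space, so they overlap every subnet and are left out of the conflict list; only the more specific tun0 routes indicate a real address clash.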