Quote:
Originally Posted by J65nko
You don't need pf to route packets between networks, you need the appropriate routes. Using the following simple network:
Code:
       10.2.2.100
           |
           |
 +---------|---------+
 |    10.2.2.1/24    |
 |                   |
 |      router       |
 |                   |
 |  192.168.44.1/24  |
 +---------|---------+
           |
           |
           |
     192.168.44.100
- If host 192.168.44.100 wants to communicate with host 10.2.2.100 it needs a route to the 10.2.2.0/24 network:
Code:
# route add -net 10.2.2.0/24 192.168.44.1
add net 10.2.2.0/24: gateway 192.168.44.1
Or # route add default 192.168.44.1 if there are not any other networks.
- If host 10.2.2.100 wants to answer packets to host 192.168.44.100 it needs a route to the 192.168.44.0/24 network:
Code:
# route add -net 192.168.44.0/24 10.2.2.1
add net 192.168.44.0/24: gateway 10.2.2.1
Or # route add default 10.2.2.1 if there are not any other networks.
What do the routing tables on the hosts on your 192.168.1.0/24 and 192.168.0.0/24 networks look like?
You just saved me from BS-ing with PF rules on our VPN gateway for the past two hours. Very, very useful post. I took a clue from your post and added one line to /etc/openvpn/server.conf to make it work.
Code:
push "route 192.168.2.0 255.255.255.0"
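The two-way route requirement from the quoted post can be checked offline. This is an added example, not code from either poster: it models the three nodes in the diagram with a longest-prefix-match lookup and traces the request and the reply separately. The node names and helper functions are hypothetical, and the router is assumed to forward packets between its two interfaces.

```python
import ipaddress

# The two routes from the quoted post, as (prefix, gateway) pairs.
ROUTE_A = [("10.2.2.0/24", "192.168.44.1")]    # route add -net 10.2.2.0/24 192.168.44.1
ROUTE_B = [("192.168.44.0/24", "10.2.2.1")]    # route add -net 192.168.44.0/24 10.2.2.1

def next_hop(routes, dst):
    """Longest-prefix match; returns a gateway IP, 'direct' (on-link) or None."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gw in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw)
    return best[1] if best else None

def topology(host_a_extra=(), host_b_extra=()):
    """Nodes from the diagram; each host starts with only its on-link route."""
    return {
        "host_a": {"addrs": {"192.168.44.100"},
                   "routes": [("192.168.44.0/24", "direct"), *host_a_extra]},
        "router": {"addrs": {"10.2.2.1", "192.168.44.1"},
                   "routes": [("10.2.2.0/24", "direct"),
                              ("192.168.44.0/24", "direct")]},
        "host_b": {"addrs": {"10.2.2.100"},
                   "routes": [("10.2.2.0/24", "direct"), *host_b_extra]},
    }

def trace(nodes, start, dst, max_hops=8):
    """Follow next hops from node `start` to address `dst`; None means no route."""
    node, hops = start, [start]
    for _ in range(max_hops):
        if dst in nodes[node]["addrs"]:
            return hops
        gw = next_hop(nodes[node]["routes"], dst)
        if gw is None:
            return None
        target = dst if gw == "direct" else gw
        node = next((n for n, v in nodes.items() if target in v["addrs"]), None)
        if node is None:
            return None
        hops.append(node)
    return None

def round_trip(nodes):
    """(request path, reply path) for host_a talking to host_b."""
    return (trace(nodes, "host_a", "10.2.2.100"),
            trace(nodes, "host_b", "192.168.44.100"))
```

With only `ROUTE_A` installed the request reaches 10.2.2.100 but the reply has no route back, which is the symptom that tends to get blamed on firewall rules.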