Thread: Does pf conflict with OpenVPN?
View Single Post
  #29   (View Single Post)  
Old 2nd February 2011
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,132
Default
Did you enable forwarding between interfaces?
I have
Code:
$ sysctl -a | grep forward

net.inet.ip.forwarding=0
net.inet.ip.mforwarding=0
net.inet6.ip6.forwarding=0
net.inet6.ip6.mforwarding=0
It should be set to 1 in your case? Or is that just if a machine is a VPN gateway?

To set this edit /etc/sysctl.conf:
Code:
# This file contains a list of sysctl options the user wants set at
# boot time.  See sysctl(3) and sysctl(8) for more information on
# the many available variables.
#
#net.inet.ip.forwarding=1       # 1=Permit forwarding (routing) of IPv4 packets
#net.inet.ip.mforwarding=1      # 1=Permit forwarding (routing) of IPv4 multicast packets
#net.inet.ip.multipath=1        # 1=Enable IP multipath routing
Remove the '#' and try a clean reboot.

EDIT: This is only needed on an OpenVPN gateway, and you are a client
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Last edited by J65nko; 2nd February 2011 at 03:42 AM. Reason: Warning about forwarding only needed on gateway
Reply With Quote