Discussion:
Problem with forwarding between interfaces
Ray
2011-09-02 11:09:49 UTC
Hi,

I've set up 2.0r3 on an ALIX2D13 box. Largely things work fine, but I
have a routing issue that I can't get my head around. I'll quickly
describe my setup first and then explain the problem I'm facing:

The ALIX2D13 has 3 Ethernet interfaces. I use the first (vr0) as WAN
connection with DHCP. Works fine.

The second Ethernet interface has a static private IP and serves as my
backdoor into the box when I screw up things on the other interfaces.
Also works fine.

The ALIX has a Wifi card built in that runs as access point. This
access point, an openVPN tap client interface and the third Ethernet
interface are all part of a bridge (br0). Via VPN, the bridge gets an IP
assigned using a DHCP Server at the other end of the VPN tunnel in a
data center. Works also.

When I connect to the WIFI access point provided by the ALIX box, the
client box contacts the DHCP server at the far end of the VPN tunnel for
an IP address. This also works. Part of the DHCP-provided information is
the gateway to be used by the client, which is set as the IP of the
bridge interface in the ALIX box. Here the problem comes in: the
Internet-bound traffic arrives at the ALIX, and my hope would be that it
is routed out directly via the WAN interface. However, it somehow
disappears there or hits some kind of wall. I should say that in the
advanced setting of pfSense I completely turned off packet filtering for
the moment, so that the firewall is not the problem.

From Linux, I know that IP forwarding can be enabled with "echo 1 >
/proc/sys/net/ipv4/ip_forward". I assume FreeBSD is doing this in some
similar way? Is this feature enabled by default in pfSense? If not,
could that be the problem?

Are there any diagnostic dumps I could add to provide more detailed
info?

I would really appreciate a hint or two...

Thanks,
Ray
