2.1_rc15.
VPN setup works and I'm able to send (and receive) data when doing it directly from my OpenBSD firewall:
# ping 192.36.171.154
PING 192.36.171.154 (192.36.171.154): 56 data bytes
64 bytes from 192.36.171.154: icmp_seq=0 ttl=60 time=21.692 ms
tcpdump: listening on tun0, link-type EN10MB
22:56:59.951191 178.73.197.139 > 192.36.171.154: icmp: echo request
22:56:59.972697 192.36.171.154 > 178.73.197.139: icmp: echo reply
# tcpdump -ettt -ni pflog0
tcpdump: listening on pflog0, link-type PFLOG
Jan 15 23:00:25.921497 rule 156.vpn.10/(match) pass in on vr2: 172.16.244.2 > 192.36.171.154: icmp: echo request (DF)
Jan 15 23:00:25.921558 rule 100/(match) pass out on tun0: 178.73.197.139 > 192.36.171.154: icmp: echo request (DF)
tcpdump: listening on tun0, link-type EN10MB
tun0:
# ifconfig tun0
tun0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
lladdr 00:bd:e2:30:c0:01
priority: 0
media: Ethernet autoselect
status: active
inet 178.73.197.139 netmask 0xffffff80 broadcast 178.73.197.255
inet6 fe80::2bd:e2ff:fe30:c001%tun0 prefixlen 64 scopeid 0x7
nat on tun0 from 172.16.1.0/24 to any -> tun0
pass in log quick on dmzif route-to tun0 inet proto icmp from 172.16.1.0/24 to any icmp-type echoreq tag VPN_TRAFFIC
pass out log quick on tun0 inet proto icmp from tun0 to any icmp-type echoreq tagged VPN_TRAFFIC
# sysctl -a | grep net.inet.ip.forwa
net.inet.ip.forwarding=1
#
parts of openvpn-config:
dev tun0
dev-type tap