Hello Group,
I've been playing around with authpf and got things working pretty well
with it.  Now I've got a request to make things work even better and
that's where I got stuck.  My setup is that I authenticate users on our
gateway before allowing an incoming Remote Desktop connection from
them.  This is what works well: I forward them to a known remote desktop
server and they log in and do most of their work.  However, they would
like to be able to log in to their machine.  I've tried setting up
specific rules that rdr to their machines to no avail.  Here are some
things I've tried:

- placing authpf.rules in /etc/authpf/users/user1/ directory with the
following:

       int = "dc0"

       rdr on $int proto tcp to 11.33.44.55 port 3389 -> 10.10.10.34 port 3389

       pass in quick on $int inet proto tcp from $user_ip to any  \
             flags S/SA keep state

This does not work!  I've flushed the pf rules and taken the default
config out of /etc/authpf/authpf.rules but still get redirected to the
old server!  My pf.conf file has the anchors in it as such.

rdr-anchor "authpf/*"
nat-anchor "authpf/*"
anchor "authpf/*"

Can anyone offer some advice or maybe point me to some working
examples?  Thanks guys.
Brandon
