VPN работает, подключение проходит, как дать доступ к интернету, мысли в сторону NAT. Необходимо реализовать работу подключенного по VPN в сети, в интернете, и как вариант за счет VPN использовать канал интернета.
Сделано на одной сетевой карте. FreeBSD 11, ядро не пересобирал.
# tcpdump -ni ng0 proto ICMP and host 8.8.4.4
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ng0, link-type NULL (BSD loopback), capture size 262144 bytes
14:46:23.999982 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1093, length 40
14:46:28.847864 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1094, length 40
14:46:33.859588 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1095, length 40
14:46:38.847761 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1096, length 40
^C
4 packets captured
16 packets received by filter
0 packets dropped by kernel
# tcpdump -ni em0 proto ICMP and host 8.8.4.4
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 262144 bytes
14:47:14.028256 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1097, length 40
14:47:18.841920 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1098, length 40
14:47:23.842104 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1099, length 40
14:47:28.841200 IP 192.168.1.50 > 8.8.4.4: ICMP echo request, id 1, seq 1100, length 40
^C
4 packets captured
164 packets received by filter
0 packets dropped by kernel
rc.conf
hostname="VPN"
ifconfig_em0="inet 192.168.0.13 netmask 255.255.255.0"
defaultrouter="192.168.0.1"
sshd_enable="YES"
ntpd_enable="YES"
gateway_enable="YES"
mpd_enable="YES"
# natd_enable="YES"
firewall_enable="YES"
firewall_script="/etc/rc.ipfw"
firewall_logging="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="NO"
rc.ipfw
/sbin/ipfw -f flush
ipfw="/sbin/ipfw -q add"
${ipfw} allow tcp from any to me dst-port 1723 setup keep-state
${ipfw} allow gre from any to me
${ipfw} allow gre from me to any
# ${ipfw} divert natd all from any to any via em0
${ipfw} allow all from 192.168.1.0/24 to 192.168.1.0/24
${ipfw} allow all from 192.168.0.0/24 to 192.168.0.0/24
${ipfw} allow all from any to any
mpd.conf
http://muff.kiev.ua/content/mpd-nastroika-sobstvennogo-vpn-servera#comment-1546сделано полностью по этой статье