Date: Thu, 12 Jan 2006 16:53:50 +0100 From: "cedric Gross" <cgross@2blc.Com> To: <fbsd_user@a1poweruser.com>, <freebsd-questions@freebsd.org> Subject: RE: IpNat and 3 NIC Message-ID: <20060112155251.9D0CF6F19C@bruce.cnv.fr> In-Reply-To: <MIEPLLIBMLEEABPDBIEGIEGFHLAA.fbsd_user@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks you, it's working ! But why using vr0 instead of vr1 for map instruction ? Network 192.168.0.32/27 is attach to vr1 not vr0 ... Is it an IPNat mystery or have you an answer ? > -----Message d'origine----- > De : owner-freebsd-questions@freebsd.org=20 > [mailto:owner-freebsd-questions@freebsd.org] De la part de fbsd_user > Envoy=E9 : jeudi 12 janvier 2006 16:43 > =C0 : cedric Gross; freebsd-questions@freebsd.org > Objet : RE: IpNat and 3 NIC >=20 > You have ipnat statements wrong. should be liked this >=20 > map vr0 10.0.0.0/8 -> 0.32 proxy port ftp ftp/tcp > map vr0 10.0.0.0/8 -> 0.32 portmap tcp/udp 20000:60000 > map vr0 10.0.0.0/8 -> 0.32 > map vr0 192.168.0.0/30 -> 0.32 portmap tcp/udp auto > map vr0 192.168.0.32/27 -> 0.32 portmap tcp/udp auto > map vr0 192.168.0.32/27 -> 0.32 > map vr0 192.168.0.96/27 -> 0.32 portmap tcp/udp auto > map vr0 192.168.0.96/27 -> 0.32 > rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp >=20 > Note map vr1 has been changed to vr0 >=20 > If your public IP 84.96.23.106 is not dedicated to you by your ISP, > then you should not be hard coding it in your IPnat rules. Read the > Freebsd ipfilter documentation in the handbook for details. >=20 > 0.32 =3D The IP address/netmask assigned by your ISP. > The special keyword 0.32 tells ipnat to get the current > public > IP address of the interface specified on this statement and > substitute it for the 0.32 keyword. >=20 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of cedric > Gross > Sent: Thursday, January 12, 2006 9:58 AM > To: freebsd-questions@freebsd.org > Subject: IpNat and 3 NIC >=20 >=20 > Hello, >=20 > I have my FreeBSD 5.4 box with 3 NIC : >=20 > Xl0 LAN with network 10.0.0.0/8 and 192.168.0.0/30 > VR0 Wan 84.96.23.106/32 > VR1 LAN with network 192.168.0.32/27 and 192.168.0.96/27 >=20 > I use IPNAT and Ip filter. >=20 > I'm doing NAT from Xl0 to Vr0, it's working fine >=20 > I'm trying to do the same thing with vr1 to Vr0 but it's seems that > traffic > coming from vr1 are not translated. > Is there a interface limitation with IPNAT ? >=20 > Is there a way to do translation from both NIC ? >=20 > Here is my ipnat.conf : > map vr0 10.0.0.0/8 -> 84.96.23.106/32 proxy port ftp ftp/tcp > map vr0 10.0.0.0/8 -> 84.96.23.106/32 portmap tcp/udp 20000:60000 > map vr0 10.0.0.0/8 -> 84.96.23.106/32 > map vr0 192.168.0.0/30 -> 84.96.23.106/32 portmap tcp/udp auto > map vr1 192.168.0.32/27 -> 84.96.23.106/32 portmap tcp/udp auto > map vr1 192.168.0.32/27 -> 84.96.23.106/32 > map vr1 192.168.0.96/27 -> 84.96.23.106/32 portmap tcp/udp auto > map vr1 192.168.0.96/27 -> 84.96.23.106/32 > rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp > rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp >=20 > Thanks for help. > Cedric >=20 >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to=20 > "freebsd-questions-unsubscribe@freebsd.org" >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060112155251.9D0CF6F19C>