From owner-freebsd-questions@FreeBSD.ORG Fri Feb 11 21:27:35 2005
Message-ID: <420D2348.4020408@spintech.ro>
Date: Fri, 11 Feb 2005 23:27:36 +0200
From: Alin-Adrian Anton
To: dgw@liwest.at
cc: questions@freebsd.org
References: <200502112206.43267.dgw@liwest.at>
In-Reply-To: <200502112206.43267.dgw@liwest.at>
Subject: Re: How do I set the source address on a multi-homed host?

Daniela wrote:
> I have two NICs (one inside and one outside interface) with NAT activated. The
> problem is that every time I establish a connection with a machine on my LAN,
> it uses the address of the outside interface as the source of the packets,
> which creates problems with my firewall. How do I tell my machine to use the
> other address whenever I connect to a local machine?
>
> Daniela
>

Hi Daniela,

Can you please be more specific? You mean this happens when you are connecting from inside the intranet to some other point inside the intranet?

I don't understand your topology. The intranet should have the same class network, C-class for instance /24, and the gateway should not see the packages between 2 hosts in the same LAN. Only the switch/hub would see them.

Can you please be more explicit about what your setup, gateway rules and firewall are, and what you are trying to do?

PS: If you are connecting from outside to inside, through the gateway which does NAT, this sounds like bad firewall/NAT rules.

Yours,
--
Alin-Adrian Anton
GPG keyID 0x183087BA (B129 E8F4 7B34 15A9 0785 2F7C 5823 ABA0 1830 87BA)
gpg --keyserver pgp.mit.edu --recv-keys 0x183087BA

"It is dangerous to be right when the government is wrong." - Voltaire