Date: Tue, 14 Apr 2009 13:08:27 -0400 From: Steve Krawcke <Steve@Latcha.com> To: mail.list freebsd-questions <freebsd-questions@freebsd.org> Subject: ipnat dmz/internal network issue Message-ID: <5E0C592A-813B-491C-8F0C-AEABC7E1C150@Latcha.com>
next in thread | raw e-mail | index | archive | help
I have a gateway setup wing freebsd 7.1 gateway% uname -a FreeBSD gateway.latcha.com 7.1-RELEASE-p2 FreeBSD 7.1-RELEASE-p2 #0: Wed Feb 4 20:27:06 EST 2009 root@gateway3.latcha.com:/usr/obj/usr/ src/sys/GATEWAY amd64 I have 1 external nic , and 2 internal, one for a DMZ and one for the rest of the network em0 is my external, em1 is my internal and em2 is my DMZ I am using ipf and ipnat to get access to the internet, but I am having an issue. I am able to get to the internet via nat on both em1 and em2. I am able to get port/IP redriection working from em0 -> em2 I can access the address space from em1 <-> em2 But if I go to one of the redirected IPs from em1 -> em0 -> em2 it fails. here are my ipnat rules map em1 from 10.75.0.1/24 to 10.73.0.1/16 -> 0/0 map em1 from 65.173.238.2/32 to 10.73.0.1/16 -> 0/0 map em0 from 10.73.0.1/16 to any -> 65.173.238.2/32 portmap tcp/udp auto map em0 from 10.75.0.1/24 to any -> 65.173.238.2/32 portmap tcp/udp auto rdr em0 from any to 65.173.238.27/32 port = 80 -> 10.75.0.29 port 80 tcp rdr em0 from any to 65.173.238.30/32 port = 80 -> 10.75.0.30 port 80 tcp rdr em0 from any to 65.173.238.29/32 port = 80 -> 10.75.0.26 port 80 tcp for now I have the firewall rules disabled, until I get this working, so I know it isn't a firewall issue. Any help would be appreciated. Steve K
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5E0C592A-813B-491C-8F0C-AEABC7E1C150>