From owner-freebsd-ipfw Thu Sep 27 8:24: 6 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from mmu.edu.my (ext-dns.mmu.edu.my [203.106.62.11]) by hub.freebsd.org (Postfix) with ESMTP id 67DB537B41F for ; Thu, 27 Sep 2001 08:23:52 -0700 (PDT) Received: from venus.cyber.mmu.edu.my (venus.cyber.mmu.edu.my [203.106.62.12]) by mmu.edu.my (8.9.1b+Sun/8.9.1) with ESMTP id XAA16568; Thu, 27 Sep 2001 23:19:35 +0800 (MYT) Received: from there ([10.100.99.41]) by venus.cyber.mmu.edu.my (8.8.8+Sun/8.8.8) with SMTP id XAA24913; Thu, 27 Sep 2001 23:19:30 +0800 (SGT) Message-Id: <200109271519.XAA24913@venus.cyber.mmu.edu.my> Content-Type: text/plain; charset="iso-8859-1" From: nuzrin yaapar Reply-To: nuzrin@goose.net.my Organization: multimedia university To: rrios@intersys.com.mx, freebsd-ipfw@FreeBSD.ORG Subject: Re: It could be a dynamic nat-ip-pool on FreeBSD?? Date: Thu, 27 Sep 2001 23:33:07 +0800 X-Mailer: KMail [version 1.3] References: <06256AD3.00670172.00@smgwisys.intersys.com.mx> In-Reply-To: <06256AD3.00670172.00@smgwisys.intersys.com.mx> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG i'm not entirely sure what you want to do, but i guess you want to map range of your internal ip to range of public ip. i guess you should have a look at ipnat(1) and ipnat(5). maybe it can do what u want. On Thursday 27 September 2001 2:23 am, rrios@intersys.com.mx wrote: > Maybe any has ever seen some configuration on PIX or FW-IOS where a pool-ip > cant exist to do NAT for example: > ------------------------ > Router: > ! > interface FastEthernet0/0 > ip address 148.x.x.1 255.255.255.240 secondary > ip address 10.10.10.2 255.255.0.0 > ip nat inside > ! > interface Serial0/0:0 > ip address 148.x.x.1 255.255.255.252 > ip nat outside > ! > ip nat pool internet 148.x.x.212 148.x.x.222 netmask 255.255.255.240 > ip nat inside source list 1 pool internet overload > ! > access-list 1 permit 10.10.0.0 0.0.255.255 > ------------------------- > PIX: > > ip address outside 200.x.x.3 255.255.255.192 > ip address inside 10.139.10.4 255.255.255.0 > global (outside) 1 200.x.x.10-200.x.x.63 > nat (inside) 1 0.0.0.0 0.0.0.0 > > ------------------------- > > > I would like to know if anibody has ever try to do this in FreeBSD box, the > problem is with only one IP for NAT I have > problems with some aplications like IRC, Messangers etc.. "ipfw add divert > natd all from any to any xl0" xl0-public > > It's not possible to try redirect_address becouse exist a DHCP behind and > then will be problems with arp entry's, leases etc.. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message