Delivered-To: freebsd-questions@freebsd.org
Date: Mon, 03 Feb 2003 17:16:04 +0000
From: Rob O'Donnell
Subject: Re: Routing, NAT'ing and and external ADSL router.

At 23:01 02/02/2003 -0800, mark@fantoma.net wrote:
>I have 2 network cards in the gateway machine.
>rl0 is 192.168.0.1 255.255.255.0
>rl1 is 192.168.1.1 255.255.255.0
>(p.s. I know realtek suck.. but they were just spare cards!)
>
>There is an external ADSL router connected to rl1, whose IP address is
>192.168.1.2
>
>The default router is "192.168.1.2"
>
>natd is enabled, and the natd interface is "rl1"
>and gateway is enabled.
>
>First off, it only seems to work if I also enable NATing on the ADSL
>router, which I would've thought would've caused problems due to "double
>NATting"

You would need to do this - the internet will ignore your 192.168 addresses.

I have a similar setup at home:

internet ---> [hw adsl router (192.168.1.1)] --> [192.168.1.11(gateway)192.168.0.11] --> LAN -> multiple PCs.

You need NAT enabled on the router. You don't need NAT on the gateway PC; just a basic ability to forward (route) packets. Default route on the gateway machine is the ADSL router. Default router on other machines on the LAN is the gateway machine and (here's the biggie) you need to set up a static route on the ADSL router for your LAN, gateway being your gateway PC. In my case, I set up 192.168.0.0/24 -> 192.168.1.11. Exact means to do so depends on make & model of router.

You let the router do all the NAT. It knows about the network between your gateway PC and itself because it's on it, but you have to tell it where to find the other network, otherwise it'll just send it out the Internet, where it will be dropped.

Doing your double-NAT will work, as you have found, but it increases additional complexity, and means if you want to set up any pass-through ports you will need to set them up on both devices too.

>Secondly, due to this setup, I don't really know how to configure the
>firewall..

Firewall can still be set up, but I will leave any details to the experts on this list.

>Any, and I mean any, help would be appreciated! :)
>
>Cheers,
>Mark

-- 
APH Computers Ltd.   Tel: 0161-442 2603   Fax: 0161-443 1162
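
Added example, not part of the original message: a small Python model of the three routing tables described in the reply, showing that the ADSL router sends replies for 192.168.0.0/24 out its WAN side until the static route via 192.168.1.11 is added. The LAN PC address 192.168.0.50, the internet host 203.0.113.10 and the node names are assumptions made for the illustration.

```python
import ipaddress

def next_hop(table, dst):
    """Longest-prefix match: return the gateway of the most specific route."""
    dst = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), gw) for p, gw in table]
    return max((m for m in nets if dst in m[0]), key=lambda m: m[0].prefixlen)[1]

# Which node owns each next-hop address (addresses taken from the message).
OWNER = {"192.168.0.11": "gateway", "192.168.1.11": "gateway",
         "192.168.1.1": "router"}

def build(static_route_on_router):
    """Routing tables as described; 'direct' = on-link, 'WAN' = ISP side."""
    router = [("0.0.0.0/0", "WAN"), ("192.168.1.0/24", "direct")]
    if static_route_on_router:
        # The static route for the LAN, pointing at the gateway PC.
        router.append(("192.168.0.0/24", "192.168.1.11"))
    gateway = [("0.0.0.0/0", "192.168.1.1"),
               ("192.168.1.0/24", "direct"), ("192.168.0.0/24", "direct")]
    pc = [("0.0.0.0/0", "192.168.0.11"), ("192.168.0.0/24", "direct")]
    return {"pc": pc, "gateway": gateway, "router": router}

def trace(tables, start, dst, max_hops=8):
    """Follow a packet hop by hop and return the nodes visited plus the outcome."""
    node, path = start, [start]
    for _ in range(max_hops):
        gw = next_hop(tables[node], dst)
        if gw in ("direct", "WAN"):
            return path + ["delivered" if gw == "direct" else "WAN"]
        node = OWNER[gw]
        path.append(node)
    return path + ["loop"]

if __name__ == "__main__":
    for static in (False, True):
        t = build(static)
        print("static route on router:", static)
        # Outbound packet from the assumed LAN PC to an assumed internet host.
        print("  outbound:", " -> ".join(trace(t, "pc", "203.0.113.10")))
        # Reply after the router has reversed its NAT mapping (dst = LAN PC).
        print("  reply:   ", " -> ".join(trace(t, "router", "192.168.0.50")))
```

The reply trace ending in `WAN` is the case the message describes: the router has no route for the LAN, so the packet leaves on the default route and is dropped upstream.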