From owner-freebsd-questions Tue May 15 14:36: 0 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cody.jharris.com (cody.jharris.com [205.238.128.83]) by hub.freebsd.org (Postfix) with ESMTP id 761D737B423 for ; Tue, 15 May 2001 14:35:57 -0700 (PDT) (envelope-from nick@rogness.net) Received: from localhost (nick@localhost) by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f4FMnKs39290; Tue, 15 May 2001 17:49:20 -0500 (CDT) (envelope-from nick@rogness.net) Date: Tue, 15 May 2001 17:49:20 -0500 (CDT) From: Nick Rogness X-Sender: nick@cody.jharris.com To: Brent Cc: freebsd-questions@FreeBSD.ORG Subject: Re: NAT help In-Reply-To: <006601c0dd86$5bf34680$3ab4a8c0@kronos> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 15 May 2001, Brent wrote: > The company I work for is running a Freebsd 4.1 box as a duel home > host w/ NAT. We have a router thats our gateway to the internet. we > also have a PIX to PIX VPN between our location and our parent company > in another state...and their internal network is behind NAT as well. > what i need to do is any requests from my internal network .( lets say > 10.0.0.x) to thier internal network (192.168.0.x ) we want to direct > thru the PIX's over the VPN. all other traffic goes thru our router > and out to the internet. i know this worked under linux...but im not > sure about FBSD and the syntax this is the syntax that im using...is > this the way this should be done ?? > > # route add -net 192.168.x.x netmask 255.255.255.0 xl0 > # route add -net 192.168.x.x YYY.YYY.YYY.YYY -netmask 255.255.255.0 Where YYY.YYY.YYY.YYY is the IP of the PIX. You did not specify were the pix was located at in your network so you may need to watch out for nat interfering with your VPN through the pix. Nick Rogness - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message