Date:      Sat, 15 Sep 2001 17:36:39 -0400
From:      Mike Tancsa <mike@sentex.net>
To:        ml@db.nexgen.com ("alexus")
Cc:        freebsd-net@freebsd.org
Subject:   Re: port forwarding through natd and/or ipfw
Message-ID:  <08i7qt07tvms7vedjvrnelbvjarfqdjv7r@4ax.com>
In-Reply-To: <SEN.1000323940.357365678@news.sentex.net>
References:  <SEN.1000323940.357365678@news.sentex.net>

On 12 Sep 2001 15:45:40 -0400, in sentex.lists.freebsd.net you wrote:

>Hi
>
>My goal is to access my Windows XP workstation that is behind N.A.T. FreeBSD
>box's firewall

>my public ip address is 66.92.98.145 and internal ip is 192.168.0.13 port
>that my XP workstation listens on is 3389r
>
>00333       6        288 fwd 66.92.98.145,3389 tcp from any to 192.168.0.13 3389
>
>I *did* enable the firewall in the kernel
>
>su-2.05# grep FIREWALL box
>options         IPFIREWALL              #firewall
>options         IPFIREWALL_VERBOSE      #print information about
>options         IPFIREWALL_VERBOSE_LIMIT=10    #limit verbosity
>options         IPFIREWALL_FORWARD      #enable transparent proxy support
>su-2.05#

I think you want DIVERT in there as well.  In /etc/natd.conf (or where you
keep your rules), you want

redirect_port tcp 192.168.0.13:3389 66.92.98.145:3389

Get rid of the 333 fwd rule.  Make sure there is the regular divert rule as
well that you get when you say YES in /etc/rc.conf for natd.

	---Mike
Mike Tancsa  (mdtancsa@sentex.net)
Sentex Communications Corp,
Waterloo, Ontario, Canada
"Given enough time, 100 monkeys on 100 routers
could setup a national IP network." (KDW2)
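
An added example, not part of the original message: a small sh function that audits copies of the four things the reply names (kernel options, rc.conf, natd.conf and the ipfw rule listing) and reports what is still missing. The sample files are constructed; the interface name fxp0 and divert port 8668 (natd's default) are assumed values.

```sh
#!/bin/sh
# Added example (not from the thread): audit the pieces the reply names.
# Usage: check_natd_redirect KERNCONF RCCONF NATDCONF IPFW_LISTING
# Prints one finding per line and returns the number of problems found.
check_natd_redirect() {
    kern=$1; rcconf=$2; natd=$3; rules=$4; bad=0
    # natd gets its packets over a divert socket, so the kernel needs IPDIVERT.
    grep -Eq '^options[[:space:]]+IPDIVERT' "$kern" ||
        { echo "kernel: options IPDIVERT missing"; bad=$((bad + 1)); }
    grep -Eq '^natd_enable="?YES"?' "$rcconf" ||
        { echo "rc.conf: natd_enable is not YES"; bad=$((bad + 1)); }
    grep -Eq '^redirect_port[[:space:]]+tcp[[:space:]]' "$natd" ||
        { echo "natd.conf: no redirect_port tcp line"; bad=$((bad + 1)); }
    # Matches "ipfw list" and "ipfw show" (with packet/byte counters) output.
    act='^[0-9]+( +[0-9]+ +[0-9]+)? +'
    grep -Eq "${act}divert " "$rules" ||
        { echo "ipfw: no divert rule"; bad=$((bad + 1)); }
    # fwd only picks a next hop and leaves the packet unchanged, so it is
    # no substitute for the redirect; the reply says to remove it.
    if grep -Eq "${act}fwd " "$rules"; then
        echo "ipfw: fwd rule still present"; bad=$((bad + 1))
    fi
    return "$bad"
}

# Constructed sample files: "before" mirrors the question, "after" the reply.
# fxp0 and divert port 8668 (natd's default) are assumed values.
make_samples() {
    d=$(mktemp -d)
    printf 'options IPFIREWALL\noptions IPFIREWALL_FORWARD\n' > "$d/kern.before"
    printf 'options IPFIREWALL\noptions IPDIVERT\n' > "$d/kern.after"
    printf 'firewall_enable="YES"\n' > "$d/rc.before"
    printf 'firewall_enable="YES"\nnatd_enable="YES"\n' > "$d/rc.after"
    : > "$d/natd.before"
    echo 'redirect_port tcp 192.168.0.13:3389 66.92.98.145:3389' > "$d/natd.after"
    echo '00333 6 288 fwd 66.92.98.145,3389 tcp from any to 192.168.0.13 3389' > "$d/ipfw.before"
    echo '00050 divert 8668 ip from any to any via fxp0' > "$d/ipfw.after"
    echo "$d"
}

d=$(make_samples)
for s in before after; do
    echo "== $s"
    check_natd_redirect "$d/kern.$s" "$d/rc.$s" "$d/natd.$s" "$d/ipfw.$s" ||
        echo "$? problem(s)"
done
rm -rf "$d"
```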
