Date: Wed, 20 Nov 2002 14:20:48 -0800 From: "Derrick Ryalls" <ryallsd@datasphereweb.com> To: <freebsd-questions@freebsd.org> Subject: RE: NAT Help Message-ID: <000901c290e3$1417b870$0200a8c0@bartxp> In-Reply-To: <20021120191159.5699.qmail@web13806.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hi, >=20 > I'm trying to get NAT up and running on my FreeBSD > 4.7R gateway machine and have hit a bit of a wall.=20 > Have looked around online for FAQs and other help and > haven't really been able to isolate the problem this > way. If anyone can offer advice, I would be most > appreciative. >=20 > I have a FreeBSD machine configured as a gateway for a > LAN. The BSD machine has two NICs (fxp0 and vr0).=20 > fxp0 is connected to a router via ethernet, which in > turn is connected to the Net via ADSL. The router is > very basic and doesn't have all of the functions we > require, hence the BSD box being the gateway. >=20 > vr0 is connected to a hub for the LAN, which all uses > internal 10.0.0.x IP addressing. The FreeBSD box > provides DHCP for this range. All of this is working=20 > correctly. We also have a couple of external IPs which I=20 > would like to map onto a couple of servers on the private=20 > LAN, and herein lies the problem. I just can't seem to get=20 > NAT working to redirect these IPs from the BSD machine to the=20 > relevant internal IP. >=20 > On the BSD machine, I've compiled a kernel with the > following options: >=20 > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPFIREWALL_VERBOSE >=20 > The following options exist in rc.conf: >=20 > gateway_enable=3D"YES"=20 > firewall_enable=3D"YES"=20 > firewall_type=3D"OPEN"=20 > natd_enable=3D"YES"=20 > natd_interface=3D"fxp0"=20 > natd_flags=3D"-redirect_address 10.0.0.2 x.x.x.x=20 > -redirect_address 10.0.0.3 x.x.x.x"=20 >=20 > (where x.x.x.x is of course the external IP). >=20 > rc.conf also contains the following ipconfig settings > for the external IP addresses (of which there are 5). >=20 > ifconfig_fxp0_alias0=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias1=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias2=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias3=3D"inet x.x.x.x netmask > 255.255.255.248" > ifconfig_fxp0_alias4=3D"inet x.x.x.x netmask > 255.255.255.248" I am no expert and have never aliased before, but I think you need to use the netmask of 255.255.255.255 (0xffffffff) for aliases. >=20 > alias0 is used as the IP address for the gateway > machine and my intention is to redirect traffic on the=20 > remaining four addresses to other machines on the LAN. This=20 > is where it falls down and I'm stumped. >=20 > Regards, >=20 > Ben Craig. >=20 > =3D=3D=3D=3D=3D > -- > Benjamin Craig > Executive Producer > Cinemagine Limited >=20 >=20 > __________________________________________________ > Do You Yahoo!? > Everything you'll ever need on one web page > from News and Sport to Email and Music Charts http://uk.my.yahoo.com >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000901c290e3$1417b870$0200a8c0>