From owner-freebsd-questions@FreeBSD.ORG Wed Jul 28 14:27:25 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 396C716A4CE for ; Wed, 28 Jul 2004 14:27:25 +0000 (GMT) Received: from amcuxfw802.amc.af.mil (amcuxfw802.amc.af.mil [131.9.254.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0A3F243D58 for ; Wed, 28 Jul 2004 14:27:24 +0000 (GMT) (envelope-from david.hauan@fairchild.af.mil) Received: from amcw2av808.amc.ds.af.mil (amcw2av808.amc.af.mil [131.9.19.137]) by fw2.amc.af.mil with SMTP id i6SEQpwE017320; Wed, 28 Jul 2004 09:27:20 -0500 (CDT) Received: from AMCW2BH506.amc.ds.af.mil ([131.9.25.136]) M2004072809272010729 ; Wed, 28 Jul 2004 09:27:20 -0500 Received: from amcw2ms517.amc.ds.af.mil ([131.9.19.74]) by AMCW2BH506.amc.ds.af.mil with Microsoft SMTPSVC(5.0.2195.6713); Wed, 28 Jul 2004 09:27:18 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Wed, 28 Jul 2004 09:27:18 -0500 Message-ID: <59FD5336D1B1FA40AF6DDD241D8DBAC68C1376@amcw2ms517.amc.ds.af.mil> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Problems after IP change Thread-Index: AcR0rkfbrpMrbhoQTt6AvRiTXAHbFgAARmEg From: "Hauan, David" To: X-OriginalArrivalTime: 28 Jul 2004 14:27:18.0267 (UTC) FILETIME=[FC8124B0:01C474AE] cc: questions@freebsd.org Subject: RE: Problems after IP change X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Jul 2004 14:27:25 -0000 > -----Original Message----- > From: Steve Bertrand [mailto:iaccounts@ibctech.ca] > Sent: Wednesday, July 28, 2004 7:22 AM > To: dgw@liwest.at > Cc: questions@freebsd.org > Subject: Re: Problems after IP change >=20 >=20 > > On Wednesday 28 July 2004 14:03, Steve Bertrand wrote: > >> > Hi all! > >> > > >> > I recently got a new IP on my outside interface, and I=20 > replaced the > >> old > >> > IP with the new one in my IPFW ruleset, and restarted natd. > >> > Now everything was alright until my network clients (on=20 > the inside > >> > interface) > >> > started complaining that they can't connect to remote=20 > servers. Ping > >> still > >> > works, but they can't fetch their mail or surf the net. > >> > It looks like something is wrong with my firewall, but I changed > >> nothing > >> > but > >> > the old address. > >> > Are there other processes that need to be restarted? > >> > >> Did you actually change the IP on the interface itself? If not: > >> > >> edit /etc/rc.conf and change the IP/Netmask, then: > >> > >> # /etc/netstart > > > > Yes, the IP was changed. I ran /etc/netstart, but it didn't=20 > help. As I > > said, > > ping works as normal, and the packet sniffer shows normal=20 > TCP connections > > and > > there are even answers from the remote servers, so I really=20 > have no clue > > what > > could be wrong. I don't think it would do this with a wrong IP. > > > > >=20 > Do you have an ``alias_address'' statement in your natd.conf file? >=20 > Usually, you will specify the interface that natd operates=20 > on, but in some > situations, some will specify an alias address instead. >=20 > Check the file, and ensure that you are not aliasing the old address. >=20 > Steve Can you ping outside addresses from the inside clients? Is the FW box running dhcp? If not did you change the gateway on the inside clients? Just a thought. dave=20