Date:      Wed, 6 Oct 1999 13:51:56 -0400
From:      "Shaun" <scopplestone@wiznet.ca>
To:        "Alfred Perlstein" <bright@wintelcom.net>
Cc:        <freebsd-questions@FreeBSD.ORG>, <scopp@wiznet.ca>
Subject:   RE: NATD question
Message-ID:  <000d01bf1023$7b3c1c60$153952d1@ntwkstn.wiznet.ca>
In-Reply-To: <Pine.BSF.4.05.9910061039000.8080-100000@fw.wintelcom.net>


	I am using registered IP addresses (just left them and used RFC for sake
of privacy).  The situation is real IPs on the outside interface, private on
the inside interface.  Routing the subnet of real addresses to the NAT box
and have a subnet of private computers.

Hope this clarifies it.

Thanks

Shaun



> -----Original Message-----
> From: Alfred Perlstein [mailto:bright@wintelcom.net]
> Sent: Wednesday, October 06, 1999 1:42 PM
> To: Shaun
> Cc: freebsd-questions@FreeBSD.ORG
> Subject: Re: NATD question
>
>
>
> On Wed, 6 Oct 1999, Shaun wrote:
>
> > Question....
> >
> > 	I am trying to use NATD to route a subnet of 8 IP addresses using
> > redirect_address.  It works going in but when coming out NATD uses port
> > translation on the IP address assigned to the NAT box.
> >
> > For example:
> >
> > 	The NAT box has an IP address of (say) 192.168.0.10 outside interface,
> > inside interface 10.1.1.1
> > 	a subnet of 192.168.200.216 -> 223 is routed to the above ip address by
> > static routes
> >
> > 	I have created a natd.conf file containing all the direct translations
> > using redirect_address.
> > I can telnet into say 192.168.200.217 and get redirected correctly to
> > 10.1.1.217, but when 10.1.1.217 telnets out, its address is shown as
> > 192.168.0.10 instead of 192.168.200.217.  Which tells me that port
> > translation is working instead of nat.
> >
> > 	Does NATD work with subnets or only full /24's?  I currently have this
> > working on another NAT box using a class C.
>
> I'm unsure what you mean, you're giving examples with reserved IP
> blocks but yet I get the impression that you want these IPs to be
> able to get past natd unmolested, (that you really are not using
> reserved IPs) I think the simplest way to accomplish this would be
> to add the -unregistered_only flag to natd, or insert an ipfw rule
> before your divert rule giving free access to machines coming from
> your internal interface.
>
> -Alfred
>


