From: Thomas Uhrfelt
Reply-To: "thomas.uhrfelt@plymovent.se"
To: "'freebsd-questions@freebsd.org'"
Subject: NATD redirect part II
Date: Wed, 20 Dec 2000 09:31:42 +0100
Organization: PlymoVent AB

Due to my somewhat confusing post about getting help with telnet redirects I have decided to put a more extensive description of my setup and problem for review by the people subscribing to this list.

I manage two (2) FreeBSD gateways at separate locations, both handling an internal 192.168.*.* network - the traffic is tunneled using pipsecd between these networks.

Network topology
--------------------
192.168.1.*----192.168.1.254(FREEBSD1)A.B.C.D---(I N T E R N E T)---E.F.G.H(FREEBSD2)192.168.10.254---192.168.10.10(TELNETMACHINE)

Problem description
------------------------
I want to allow people outside on the internet telnet access to the machine above called TELNETMACHINE. Both FreeBSD gateways are using ipfw+natd for NAT and Firewalling.
I have tried using the directives:

-redirect_port tcp 192.168.10.10:23 8888
and
-redirect_port udp 192.168.10.10:23 8888

on the FREEBSD2 machine then tried to telnet into E.F.G.H on port 8888 (while using tcpdump on both the external and internal interface on FREEBSD) but I get no response. And the tcpdump shows the telnet from outside reaching FREEBSD2 but there is no activity whatsoever on the internal interface - which in my opinion shows that I am making some fundamental error trying to get natd to behave and redirect the telnet session. I am inclined to think that I am the one being a moron here and that it's not due to a bug in natd.

Any pointers? I was thinking about giving up and using bounce until I saw that it's only able to "bounce" tcp and not udp packets. There gotta be someone out there with a similar problem like mine that has been solved.. right?

Thanks in advance...

Thomas Uhrfelt
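
The rewriting that the tcp directive in the message above asks natd to perform, as an added example that is not part of the original post and is not natd's code: a simplified, stateless Python model of what a matching packet looks like before and after translation, for comparison against tcpdump output. It assumes the packet is actually handed to natd by an ipfw divert rule; the client address 203.0.113.5:40000 is constructed, and E.F.G.H is the post's own placeholder.

```python
# Added example: simplified model of natd -redirect_port rewriting (not natd's code).
from typing import List, NamedTuple

class Packet(NamedTuple):
    proto: str  # "tcp" or "udp"
    src: str    # "ip:port"
    dst: str    # "ip:port"

class Redirect(NamedTuple):
    proto: str
    target: str      # internal host, "ip:port"
    alias_port: int  # port on the gateway's external address

def parse_redirect(directive: str) -> Redirect:
    """Parse the short form used in the post: -redirect_port proto targetIP:targetPORT aliasPORT."""
    parts = directive.split()
    if len(parts) != 4 or parts[0].lstrip("-") != "redirect_port":
        raise ValueError(f"not a short-form redirect_port directive: {directive!r}")
    proto, target, alias_port = parts[1:]
    ip, sep, port = target.rpartition(":")
    if proto not in ("tcp", "udp") or not (ip and sep and port.isdigit() and alias_port.isdigit()):
        raise ValueError(f"malformed directive: {directive!r}")
    return Redirect(proto, target, int(alias_port))

def inbound(pkt: Packet, alias_ip: str, rules: List[Redirect]) -> Packet:
    """External -> internal: rewrite the destination when a redirect matches."""
    for r in rules:
        if pkt.proto == r.proto and pkt.dst == f"{alias_ip}:{r.alias_port}":
            return pkt._replace(dst=r.target)
    return pkt  # no match: destination left alone

def outbound(pkt: Packet, alias_ip: str, rules: List[Redirect]) -> Packet:
    """Internal -> external: restore the public source on the target's replies."""
    for r in rules:
        if pkt.proto == r.proto and pkt.src == r.target:
            return pkt._replace(src=f"{alias_ip}:{r.alias_port}")
    return pkt

def demo():
    alias_ip = "E.F.G.H"  # placeholder from the post for FREEBSD2's external address
    rules = [parse_redirect("-redirect_port tcp 192.168.10.10:23 8888")]
    syn = Packet("tcp", "203.0.113.5:40000", f"{alias_ip}:8888")  # constructed client
    fwd = inbound(syn, alias_ip, rules)
    reply = outbound(Packet("tcp", fwd.dst, fwd.src), alias_ip, rules)
    return fwd, reply

if __name__ == "__main__":
    for p in demo():
        print(p)
```

With the redirect in effect, tcpdump on the internal interface would show the first packet as 203.0.113.5.40000 > 192.168.10.10.23, and the reply leaving the external interface with source E.F.G.H.8888.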