From owner-freebsd-questions Thu Oct 12 13:28:39 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.new.rr.com (mail1.rdc-detw.rr.com [24.30.0.23]) by hub.freebsd.org (Postfix) with ESMTP id DC0AE37B503 for ; Thu, 12 Oct 2000 13:28:36 -0700 (PDT) Received: from judah ([24.164.246.248]) by mail1.new.rr.com with Microsoft SMTPSVC(5.5.1877.357.35); Thu, 12 Oct 2000 16:28:57 -0400 From: "Doug Poland" To: "Ivan S. Anisimov" Cc: Subject: RE: please help get nat running Date: Thu, 12 Oct 2000 15:28:28 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <39E61168.79B9D367@itp.ac.ru> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I just solved (obviously with the help of others) a similar problem. You're internal IP address 192.168.1.1 is an unregistered and won't route without the right rules in ipfw. (I was using 10.20.1.129). This was solved with the following ipfw command.. ipfw add 500 divert natd all from any to any via ed0 In your case, replace ed0 with tun0 Check out http://www.freebsd-howto.com/HOWTO/NAT-HOWTO Regards, Doug > -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Ivan S. Anisimov > Sent: Thursday, October 12, 2000 14:31 > To: questions@freebsd.org > Subject: please help get nat running > > > Hello, > > Could you PLEASE help me get my nat running? > I've done everything just like the faqs say: > configured the kernel with ipfirewall, ipfirewall_forward and > ipdivert options, configured both interfaces > (de0 is local network, 192.168.1.1, ppp0 is > the dialout with real ip), configured > firewall to allow all from any to any, > told my windows box to use 192.168.1.1 as > a gateway, enabled firewall and natd in rc.conf. > Still I get "request timed out" from that stupid > windows when I'm trying to ping anything except > my freebsd machine. > > Many thanks in advance, > Sincerely > Ivan Anisimov > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message