Date: Thu, 26 Apr 2007 12:03:42 -0700 From: Chuck Swiger <cswiger@mac.com> To: =?ISO-8859-1?Q?Miguel_Alc=E1ntara?= <miguel.alc@gmail.com> Cc: faqfreebsd <freebsd-questions@freebsd.org> Subject: Re: PF NAt Message-ID: <1B9C1908-4B89-4672-9912-1887A29D3623@mac.com> In-Reply-To: <5855700c0704261135m7ddc06dbuc74e501e9bef3ca1@mail.gmail.com> References: <5855700c0704261135m7ddc06dbuc74e501e9bef3ca1@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 26, 2007, at 11:35 AM, Miguel Alc=E1ntara wrote: > /etc/rc.conf > > gateway_enable =3D "YES" > > ifconfig_vr0=3D"inet 192.168.1.2 netmask 255.255.255.0" > ifconfig_xl0=3D"inet 192.168.1.3 netmask 0xffffffff" > squid_enable=3D"YES" You're not going to have much luck trying to do NAT if both =20 interfaces are on the same subnet. Other machines will simply =20 broadcast to the other LAN addresses without being re-written by this =20= machine. For NAT to work, the traffic has to flow through this machine as a =20 router (or gateway), which means that they can't be using something =20 like 192.168.1.1 as the router. You'll have to change vr0 to use a =20 publicly routable IP if your want to use it as the "external NIC". --=20 -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1B9C1908-4B89-4672-9912-1887A29D3623>