From: Craig Cowen
Date: Tue, 26 Sep 2000 21:28:16 +0000
To: John F Cuzzola
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: ipfw + natd + Novell
Message-ID: <39D114F0.46A3251@allmaui.com>

Correct me if I am wrong but the 0 in your private network is an error.
Try making it a 1.

Craig Cowen

John F Cuzzola wrote:

> Hello everyone,
> I have a Novell Server that has been moved from a public ip to a private
> one (192.168.0.6). The 192.168.0.xxx segment gets internet access through
> a FreeBSD box using ipfw/natd. The Novell server needs to be accessible
> from the internet from source addresses 142.42.22.xxx. So I tried to set
> up a NAT for it as follows:
>
> natd -p 7500 -redirect_address 192.168.0.6 0.0.0.0 -a 207.24.168.5
>
> ipfw add 10 divert 7500 ip from 142.42.22.0/24 to 207.24.168.5
> ipfw add 20 divert 7500 ip from 207.24.168.5 to 142.42.22.0/24
>
> So 142.42.22.0/24 should be able to get to the Novell server using
> 207.24.168.5 as its ip. Using the Windows Client they can connect and see
> the NDS tree but when they try to log in the connection times out. I know
> there are some programs that won't work through NAT (like the ones that
> insist on reporting back the private ip address). I was wondering if
> anyone has had experience logging into a Novell Server with NAT. Can it
> be done?
>
> Thank-you
> JohnC

-- 
Craig Cowen
408-394-6673 Cell
craig-pager@allmaui.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message