From owner-freebsd-questions  Wed Mar 27  5:54:56 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from sstc.kiev.ua (sstc.kiev.ua [213.169.65.18])
	by hub.freebsd.org (Postfix) with ESMTP id EF5B137B42A
	for <Freebsd-questions@freebsd.org>; Wed, 27 Mar 2002 05:54:22 -0800 (PST)
Received: (from root@localhost)
	by sstc.kiev.ua (8.11.6/8.11.1) id g2RDrdP06390
	for Freebsd-questions@freebsd.org; Wed, 27 Mar 2002 15:53:39 +0200 (EET)
	(envelope-from bely)
Date: Wed, 27 Mar 2002 15:53:39 +0200 (EET)
From: Evgeny Bely <bely@sstc.kiev.ua>
Message-Id: <200203271353.g2RDrdP06390@sstc.kiev.ua>
To: Freebsd-questions@freebsd.org
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I have computer with FreeBSD 4.4
with 192.168.1.1 adress. It hands internal dns for internal stations, apache, firewall. My old connection to ISP was dialup and now i must reconfigure BSD server for working with new provider via Cisco 1700 router (frame-relay)
I must open 80 and 25 port of BSD mashine to outside via Cisco (Cisco was already configured and tested - all working fine when surfing on internet with new connection )
I'm adding on Cisco: ip nat inside source static tcp 192.168.1.1 80 a.b.c.d 80 extendable
So, i opened 80 port to outside (a.b.c.d - outside ip of my Cisco)
BUT when i checking it by nmap from somewhere outside it shows this port as 'filtered'.
Packets going through Cisco to BSD, but it not unswering to outside and i see 'filtered'. I recompiled kernel on BSD with turned off all firewall-meaning strings, (and tried open firewall allow from any to any) -it hasn't effect.
When i opening any port (on example - 80 port of apache on W2000 prof) by NAt on Cisco as i tried open it for BSD: ip nat inside source static tcp 192.168.1.10 80 a.b.c.d 80 extendable - nmap says that 80 port on a.b.c.d open from outside, and a can connect to it by browser - all ok, but not with my FreeBSD :(. I tried it with Linux - works too.. So, the problem is in FreeBSD.
Possible, i'm stupid. I loosing smth, but what? maybe it's feature of BSD, maybe smth wrong configured , but i coldn't find it.
Please help and sorry for my poor english.
Andrew K.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message