Date: Fri, 19 Mar 1999 16:29:47 +0000 (GMT)
From: Veaceslav Revutchi
To: freebsd-questions@freebsd.org
Cc: moldova-unix@moldsat.md
Subject: ipnat problem (two ethernets)

Hi,

I have a problem with ipnat on 3.1R and I hope someone can help me out.
I have a machine with two ethernets, which separates two LANs:

       LAN1     ||     LAN2           |195.138.124.50
       vx0   ---||---  ed0 -----------------|GATEWAY
     10.0.0.1   || 195.138.124.34/27  |to INTERNET

and I would like to be able to allow machines with private IPs 10.0.0 on
LAN1 to access the Internet directly. Here are my ipnat rules:

    rdr vx0 10.0.0.1/32 port 25 -> 10.0.0.1 port 25
    rdr vx0 10.0.0.1/32 port 110 -> 10.0.0.1 port 110
    map vx0 10.0.0.0/24 -> 195.138.124.34/32 portmap tcp/udp 10000:40000
    map vx0 10.0.0.0/24 -> 195.138.124.34/32

The first two rules will allow the LAN1 machines to access SMTP and POP3 on
the NAT machine, and the other two should be mapping the 10.0.0 IPs into
an Internet-routable IP.

The result is: the LAN1 machines can go as far as to ping ed0's IP
address but go no further.

Any advice is appreciated.

Veaceslav.
vr@dnt.md