From owner-freebsd-questions@FreeBSD.ORG Fri Dec 26 10:04:02 2003
Return-Path:
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA95416A4CE for ; Fri, 26 Dec 2003 10:04:02 -0800 (PST)
Received: from lakemtao05.cox.net (lakemtao05.cox.net [68.1.17.116]) by mx1.FreeBSD.org (Postfix) with ESMTP id 37A6043D1D for ; Fri, 26 Dec 2003 10:04:01 -0800 (PST) (envelope-from micheal@tsgincorporated.com)
Received: from dredster ([68.12.79.37]) by lakemtao05.cox.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20031226180400.XWKP29834.lakemtao05.cox.net@dredster>; Fri, 26 Dec 2003 13:04:00 -0500
Message-ID:
From: "Micheal Patterson"
To: ,
References: <20031226172708.68834.qmail@web40413.mail.yahoo.com>
Date: Fri, 26 Dec 2003 11:55:14 -0600
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Subject: Re: natd problem (but close!)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 26 Dec 2003 18:04:03 -0000

----- Original Message -----
From: "The Bean"
To:
Sent: Friday, December 26, 2003 11:27 AM
Subject: natd problem (but close!)

> Hi all,
>
> I've been trying to get natd up on a FreeBSD 4.9-Stable box.
> I think I've followed every step, and it's still not quite working,
> although I believe it's getting close. My dual-homed box has
> two interfaces: internal ed0=10.13.0.1/8, and external
> xl0=xx.yy.zz.187/29 (note I've cleverly obscured the IP).
>
> Here's what I've done on the dual-homed box:
> - Kernel compiled with IPFIREWALL & IPDIVERT
> - gateway_enabled="YES", verified with sysctl -a list | grep ipforwarding
> - firewall set to open
> - natd_enabled="YES"
> - natd_interface=my external interface
> - natd_flags=-f /etc/natd.conf
> - /etc/natd.conf contains one line: redirect_address 10.0.0.13 xx.yy.zz.186,
> where xx.yy.zz.186 is the desired public IP for a client on my internal
> network, whose internal IP is 10.0.0.13
>
> On my client, I've set the default router to 10.13.0.1, which is the IP for the
> internal interface for the gateway box.
>
> The gateway can access the Internet just fine. The client has some problems,
> which I've attempted to diagnose by running tcpdump on the gateway, and
> trying a ping and a lynx from the client. Here are the results, as reported
> by the gateway:
>

Do an ipfw list and you should see an entry at or very near the top similar
to:

divert 8668 ip from any to any via xl0

If you don't, traffic isn't being diverted to NAT and it's trying to route
the 10/8 traffic to its connected router and dying there.

--

Micheal Patterson
Network Administration
TSG Incorporated
405-917-0600
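
The check described in the reply above, as an added example that is not part of the original message: it reads `ipfw list` output and reports whether a divert rule for the external interface exists and whether an unrestricted allow or deny rule sits ahead of it. The function name, the verdict strings and the sample rulesets are constructed for illustration, and natd is assumed to use divert port 8668 as in the reply.

```shell
#!/bin/sh
# Added example: decide from `ipfw list` output whether traffic on the
# external interface reaches natd. Live use: ipfw list | check_divert xl0
# Assumption: natd listens on divert port 8668, as in the reply.

check_divert() {
    # $1 = external interface, $2 = divert port (optional)
    # Prints "ok N", "shadowed N by M" or "missing"; exit status 0, 2 or 1.
    awk -v ifc="$1" -v port="${2:-8668}" '
        # First divert rule for the port that is bound to the interface.
        $2 == "divert" && $3 == port && divert == "" {
            for (i = 4; i < NF; i++)
                if ($i == "via" && $(i + 1) == ifc) divert = $1
        }
        # ipfw is first-match: an unrestricted allow/deny listed before the
        # divert rule ends rule processing, so the packet never reaches natd.
        ($2 == "allow" || $2 == "deny") && NF == 7 && divert == "" && early == "" {
            if (($3 == "ip" || $3 == "all") &&
                ($4 " " $5 " " $6 " " $7) == "from any to any") early = $1
        }
        END {
            if (divert == "") { print "missing"; exit 1 }
            if (early != "") { print "shadowed " divert " by " early; exit 2 }
            print "ok " divert
        }'
}

# Constructed sample rulesets (not taken from the thread).
RULES_OK='00050 divert 8668 ip from any to any via xl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 deny ip from any to any'

RULES_SHADOWED='00040 allow ip from any to any
00050 divert 8668 ip from any to any via xl0
65535 deny ip from any to any'

printf '%s\n' "$RULES_OK" | check_divert xl0 || :        # ok 00050
printf '%s\n' "$RULES_SHADOWED" | check_divert xl0 || :  # shadowed 00050 by 00040
```

A "missing" verdict corresponds to the case the reply describes, where the 10/8 traffic leaves the gateway untranslated.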