Date:      Thu, 22 Mar 2001 12:45:14 -0600
From:      "Mike Blend" <admin@treasure.yi.org>
To:        <freebsd-questions@freebsd.org>
Subject:   IPFW/NATD Scenario
Message-ID:  <PIEHIJCHILMFAJEFGEBNAEEBCAAA.admin@treasure.yi.org>

I'm new to both FreeBSD and NAT, so please bear with me.

With the help of a net-friend I have successfully set up a FreeBSD 4.2
machine with 2 NICs, one for an internal connection and one for an external
connection. The machine is acting as a firewall/gateway for the internal
network.  It all appears to be functioning properly at this point.

Here's what I want to do, and how I understand how it needs to be done:

I have a Win2000 server hosting mail and web for 4 domains.  That machine
has 4 internet IP addresses assigned to its external NIC.  Each one of those
IP addresses is for one domain. The web and mail servers for each domain
point to one of those IPs.

What I want to do (I think) is replace the external IPs on the Win2000 box
with internal IPs…10.0.0.x - and I want to have my new FreeBSD box accept
the incoming traffic to my 4 external IPs and route that traffic to the
correct internal IP on the Win2000 server….using one-to-one NAT if I
understand correctly.  At that point I will be able to control the traffic
to the web/mail server by allowing only those ports and services that I
need.

I want to make sure that I've got the right idea, and if so, could someone
please explain to me (or direct me to documentation) how to assign those 4
additional external IP addresses to the external NIC in my FreeBSD box?

Comments, thoughts, suggestions?  Any help is GREATLY appreciated. Thanx in
advance.

Jim Sparks
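
The layout described in the message above, as an added example that is not part of the original post: a POSIX sh script that prints the three pieces of configuration (interface aliases, natd one-to-one mappings, ipfw allow rules) from a single address map, covering inbound web and mail only. The interface name fxp0, the 203.0.113.x public addresses, the 10.0.0.1x server addresses and the port list are constructed placeholders, and a default-deny ipfw policy is assumed.

```sh
#!/bin/sh
# Added example: prints configuration text only; it changes nothing on the host.
# Constructed values: fxp0 (external NIC), 203.0.113.x (public addresses),
# 10.0.0.1x (addresses moved onto the Win2000 server), ports 25 and 80.
EXT_IF="fxp0"
PORTS="25,80"   # SMTP and HTTP, the only services to expose
MAP="203.0.113.11:10.0.0.11
203.0.113.12:10.0.0.12
203.0.113.13:10.0.0.13
203.0.113.14:10.0.0.14"

# /etc/rc.conf: one alias per extra public address, so the gateway answers
# for it on the external NIC. The 255.255.255.255 netmask assumes the aliases
# sit in the same subnet as the NIC's primary address.
rc_conf_aliases() {
    n=0
    for pair in $MAP; do
        echo "ifconfig_${EXT_IF}_alias${n}=\"inet ${pair%%:*} netmask 255.255.255.255\""
        n=$((n + 1))
    done
}

# natd config file (loaded with natd -f): static one-to-one NAT.
# Syntax is "redirect_address <local address> <public address>".
natd_conf() {
    for pair in $MAP; do
        echo "redirect_address ${pair##*:} ${pair%%:*}"
    done
}

# ipfw rule file, in evaluation order. Inbound packets reach the allow rules
# after natd has rewritten the destination, so the rules name the internal
# 10.0.0.x addresses, not the public ones. No interface qualifier is used
# because the same packet is checked again when it leaves the internal NIC.
# Outbound rules for the server and the LAN are out of scope here and are
# assumed to stay as they are in the existing rule set.
ipfw_rules() {
    echo "add divert natd ip from any to any via ${EXT_IF}"
    echo "add allow tcp from any to any established"
    for pair in $MAP; do
        echo "add allow tcp from any to ${pair##*:} ${PORTS} setup"
    done
}

print_all() {
    echo "# /etc/rc.conf";    rc_conf_aliases
    echo "# natd config";     natd_conf
    echo "# ipfw rule file";  ipfw_rules
}
print_all
```
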

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?PIEHIJCHILMFAJEFGEBNAEEBCAAA.admin>