From owner-freebsd-questions Thu Mar 22 10:37:49 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from treasure.yi.org (adsl-dynamic2-126.milwaukee.wi.ameritech.net [64.108.133.126]) by hub.freebsd.org (Postfix) with SMTP id 73F2637B722 for ; Thu, 22 Mar 2001 10:37:31 -0800 (PST) (envelope-from admin@treasure.yi.org)
Received: from burner ([216.56.9.57]) by treasure.yi.org ; Thu, 22 Mar 2001 12:36:21 -0600
From: "Mike Blend"
To:
Subject: IPFW/NATD Scenario
Date: Thu, 22 Mar 2001 12:45:14 -0600
Message-ID:
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0012_01C0B2CD.F0C201E0"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I'm new to both FreeBSD and NAT, so please bear with me.

With the help of a net-friend I have successfully set up a FreeBSD 4.2 machine with 2 NICs, one for an internal connection and one for an external connection. The machine is acting as a firewall/gateway for the internal network. It all appears to be functioning properly at this point.

Here's what I want to do, and how I understand how it needs to be done:

I have a Win2000 server hosting mail and web for 4 domains. That machine has 4 internet IP addresses assigned to its external NIC. Each one of those IP addresses is for one domain. The web and mail servers for each domain point to one of those IPs.

What I want to do (I think) is replace the external IPs on the Win2000 box with internal IPs…10.0.0.x - and I want to have my new FreeBSD box accept the incoming traffic to my 4 external IPs and route that traffic to the correct internal IP on the Win2000 server….using one-to-one NAT if I understand correctly. At that point I will be able to control the traffic to the web/mail server by allowing only those ports and services that I need.

I want to make sure that I've got the right idea, and if so, could someone please explain to me (or direct me to documentation) how to assign those 4 additional external IP addresses to the external NIC in my FreeBSD box?

Comments, thoughts, suggestions? Any help is GREATLY appreciated. Thanx in advance.

Jim Sparks
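
The layout described in the message above, sketched as configuration fragments (an added example, not part of the original post). Assumptions: the external interface is `fxp0`, the four public addresses are the constructed placeholders 192.0.2.11 to 192.0.2.14, the Win2000 server takes 10.0.0.11 to 10.0.0.14 on its internal NIC, and only SMTP (25) and HTTP (80) are to be exposed.

```conf
# ---- /etc/rc.conf (additions) -------------------------------------
# Bind the four extra public addresses to the external NIC as aliases.
# Aliases in the same subnet as the primary address use an all-ones mask.
# fxp0 and 192.0.2.x are placeholders (assumptions), not from the post.
ifconfig_fxp0_alias0="inet 192.0.2.11 netmask 255.255.255.255"
ifconfig_fxp0_alias1="inet 192.0.2.12 netmask 255.255.255.255"
ifconfig_fxp0_alias2="inet 192.0.2.13 netmask 255.255.255.255"
ifconfig_fxp0_alias3="inet 192.0.2.14 netmask 255.255.255.255"
natd_enable="YES"
natd_interface="fxp0"
natd_flags="-f /etc/natd.conf"

# ---- /etc/natd.conf -----------------------------------------------
# One-to-one (static) NAT: redirect_address <internal> <public>.
# Inbound traffic to the public address is rewritten to the internal
# one; outbound traffic from the internal address leaves with the
# matching public address.
redirect_address 10.0.0.11 192.0.2.11
redirect_address 10.0.0.12 192.0.2.12
redirect_address 10.0.0.13 192.0.2.13
redirect_address 10.0.0.14 192.0.2.14

# ---- ipfw rules (fragment, in the "firewall_type file" form) ------
# Merge into the existing ruleset; rule numbers are illustrative.
# natd translates first, so the filter rules that follow see the
# INTERNAL destination address, not the public one.
add 100 divert natd all from any to any via fxp0

# Replies for connections that are already open.
add 200 allow tcp from any to any established

# New inbound connections: only mail and web, only to the server.
add 300 allow tcp from any to 10.0.0.11 25,80 in via fxp0 setup
add 310 allow tcp from any to 10.0.0.12 25,80 in via fxp0 setup
add 320 allow tcp from any to 10.0.0.13 25,80 in via fxp0 setup
add 330 allow tcp from any to 10.0.0.14 25,80 in via fxp0 setup

# Everything else arriving from outside for the server is dropped.
add 400 deny all from any to 10.0.0.11 in via fxp0
add 410 deny all from any to 10.0.0.12 in via fxp0
add 420 deny all from any to 10.0.0.13 in via fxp0
add 430 deny all from any to 10.0.0.14 in via fxp0
```

After a reboot or a restart of the network scripts, `ifconfig fxp0` should list the four aliases and `ipfw show` should show packet counters rising on rules 300 to 330 when the sites are reached from outside.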