From owner-freebsd-questions Sat Nov 25 22: 7: 2 2000 Delivered-To: freebsd-questions@freebsd.org Received: from freeze.org (www.bellnetworks.net [208.177.187.234]) by hub.freebsd.org (Postfix) with ESMTP id 398AA37B479 for ; Sat, 25 Nov 2000 22:06:56 -0800 (PST) Received: (from jim@localhost) by freeze.org (8.9.3/8.9.3) id BAA27761; Sun, 26 Nov 2000 01:06:52 -0500 (EST) (envelope-from jim) X-Authentication-Warning: www.bellnetworks.net: Processed from queue /var/spool/alt_queue X-Authentication-Warning: www.bellnetworks.net: Processed by jim with -C /web/siteinfo/freeze/mail/sendmail.cf Date: Sun, 26 Nov 2000 01:06:51 -0500 (EST) From: Jim Freeze X-Sender: jim@www.bellnetworks.net To: questions@freebsd.org Subject: Need help with natd and connecting Windows to LAN Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I am running FBSD3.4R as a gateway/router with a Win98 box connected on a local LAN. The gateway machine can see the internet and the Win98 box, but the Win98 box cannot ping the gateway nor see beyond it. Below is some specific setup info: The Kernel file contains: # Added by JDF options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #log dropped packets options "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity #options IPFILTER_LOG # turn on logging options IPDIVERT #divert ip's options "ICMP_BANDLIM" The network layout: ISP(dns1=24.5.116.15,dns2=24.5.116.17) | | cable-modem | | (DHCP) (eeyore1) router/gateway 192.168.1.1 (eeyore) | X (cross-over cable) | 192.168.1.2 Win98Box jfreeze@eeyore1 ('tty') ~ 16 -> cat /etc/hosts 127.0.0.1 localhost localhost.home.com 24.9.218.175 eeyore1 CI590846-B lxintn1.ky.home.com 24.5.116.15 dns1 24.5.116.17 dns2 192.168.1.1 eeyore 192.168.1.2 rabbit (looks the same on windows) root@eeyore1 ('tty') ~ 5 -> sh /etc/rc.firewall Flushed all rules. 00000 divert 8668 ip from any to any via vx0 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any (temporarily turned off) root@eeyore1 ('tty') ~ 15 -> netstat -r Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 24.9.218.1 UGSc 12 0 vx0 24.9.218/24 link#1 UC 0 0 vx0 24.9.218.1 0:50:f:0:3c:70 UHLW 13 0 vx0 791 localhost localhost UH 0 8 lo0 192.168.1 link#2 UC 0 0 al0 rabbit 0:a0:cc:78:23:95 UHLW 0 9 al0 586 root@eeyore1 ('tty') ~ 16 -> cat /etc/resolv.conf search lxintn1.ky.home.com nameserver 24.5.116.17 nameserver 24.5.116.15 root@eeyore1 ('tty') ~ 17 -> ifconfig -a vx0: flags=8843 mtu 1500 inet 24.9.218.175 netmask 0xffffff00 broadcast 24.9.218.255 ether 00:60:97:4f:aa:a0 al0: flags=8843 mtu 1500 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 ether ff:ff:ff:ff:ff:ff media: autoselect (100baseTX ) supported media: autoselect 100baseTX 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 10baseT/UTP lp0: flags=8810 mtu 1500 tun0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 ppp0: flags=8010 mtu 1500 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 root@eeyore1 ('tty') ~ 18 -> cat /etc/rc.conf # This file now contains just the overrides from /etc/defaults/rc.conf # please make all changes to this file. # -- sysinstall generated deltas -- # ifconfig_ppp0="inet netmask 255.255.255.0" network_interfaces="lo0 vx0 al0" ifconfig_lo0="inet 127.0.0.1" ifconfig_vx0="inet netmask 255.255.255.0" ifconfig_al0="inet 192.168.1.1 netmask 255.255.255.0" ifconfig_vx0="DHCP" gateway_enable="YES" hostname="eeyore1" firewall_enable="YES" # Set YES to enable firewall functionality #firewall_type="client" # Firewall type (see /etc/rc.firewall) #firewall_type="simple" # Firewall type (see /etc/rc.firewall) firewall_type="open" # Firewall type (see /etc/rc.firewall) firewall_quiet="NO" # Set to YES to supress rule display natd_enable="YES" # Enable natd (if firewall_enable == YES) natd_interface="vx0" # Public interface or IPaddress to use natd_flags="-f /etc/natd.conf" # Additional flags for natd The Win98 Network settings are: TCP/IP -> NETGEAR FA311 FastEthernet PCI Adapter - Properties - IP:192.168.1.2 - Subnet: 255.255.255.0 - WINS: disabled - Gateway: 192.168.1.1 - DNS: - Host: rabbit - Domain: (I don't know what to put here. I have tried leaving it blank and 192.168.1.1) - DNS: 24.5.116.15 - DNS: 24.5.116.17 - Binding: Microsoft Family Logon (I unchecked Client for Microsoft Networks) ------Testing the network ------- From FreeBSD all seems to work. jfreeze@eeyore1 ('tty') ~ 12 -> ping localhost PING localhost (127.0.0.1): 56 data bytes 64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=1.008 ms jfreeze@eeyore1 ('tty') ~ 13 -> ping eeyore1 PING eeyore1 (24.9.218.175): 56 data bytes 64 bytes from 24.9.218.175: icmp_seq=0 ttl=255 time=0.106 ms jfreeze@eeyore1 ('tty') ~ 14 -> ping eeyore PING eeyore (192.168.1.1): 56 data bytes 64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=0.098 ms jfreeze@eeyore1 ('tty') ~ 15 -> ping rabbit PING rabbit (192.168.1.2): 56 data bytes 64 bytes from 192.168.1.2: icmp_seq=0 ttl=128 time=0.252 ms jfreeze@eeyore1 ('tty') ~ 17 -> ps waux | grep natd root 173 0.0 0.2 432 96 ?? Ss 10:44PM 0:00.23 /sbin/natd -f /etc/natd.conf -n vx0 jfreeze@eeyore1 ('tty') ~ 19 -> cat /etc/natd.conf interface vx0 use_sockets yes same_ports yes dynamic yes --------From Win98-------- ping localhost works (127.0.0.1) ping rabbit works (192.168.1.2) ping eeyore (192.168.1.1) - gives Request timed out. Can someone tell me what I am doing wrong here? Thanks! =========================== Jim Freeze jim@freeze.org =========================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message