From owner-freebsd-questions  Fri Feb 28  8:50:53 2003
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EAAE637B401
	for <freebsd-questions@freebsd.org>; Fri, 28 Feb 2003 08:50:51 -0800 (PST)
Received: from cedu.com (mail.cedu.com [65.171.153.202])
	by mx1.FreeBSD.org (Postfix) with SMTP id 39BB143FBF
	for <freebsd-questions@freebsd.org>; Fri, 28 Feb 2003 08:50:51 -0800 (PST)
	(envelope-from cblanchard@cedu.com)
Received: from ESG_DOM-Message_Server by cedu.com
	with Novell_GroupWise; Fri, 28 Feb 2003 08:49:28 -0800
Message-Id: <se5f2298.047@cedu.com>
X-Mailer: Novell GroupWise Internet Agent 5.5.3.1
Date: Fri, 28 Feb 2003 08:48:56 -0800
From: "Christopher Blanchard" <cblanchard@cedu.com>
To: <freebsd-questions@freebsd.org>
Subject: NATs/Firewall help
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

    I am a system administrator at a small private school in the California=
 mountains.  I recently acquired a DSL connection and would like to share =
it with the faculty and staff using NATs.  I put up a 4.7 stable dual-homed=
 box (AJAX), rebuilt the kernel with IPFIREWALL, IPFIREWALL_DEFAULT_TO_ACCE=
PT and IPDIVERT.  The DSL gateway is 4.63.122.77/255.255.255.252 the =
internet interface is 4.63.122.78/255.255.255.252 on the LAN side the =
interface is 10.10.236.5/255.255.255.0 and another router is at 10.10.236.2=
54, 10.10.2 36.1 is a dns/dhcp server (RS1)(novell netware) cedulocal.com. =
 I have read everything I can get my hands on but cannot get AJAX to pass =
traffic. From AJAX I can ping/ftp out to the internet and internally to =
RS1.  I would be appreciative of suggestions and would particularly like =
sample rc.files with appropriate examples.  X-server on this machine will =
not work as it is a compaq with an embedded Intel 82815e graphics which I =
am unable to turn off so http is out, but ftp works fine.
thanks


           Internet                                  AJAX                  =
                              RS1                                          =
      Router
       4.63.122.77               4.63.122.78    10.10.236.5                =
     10.10.236.1                                     10.10.236.254
                                         255.255.255.252  255.255.255.0    =
      255.255.255.0                               255.255.255.0
DNS 4.2.2.1                                                                =
                     DNS/DHCP Srvr
                                                                           =
                               cedulocal.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message