From owner-freebsd-questions@FreeBSD.ORG Sat Mar 29 14:29:08 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 61CE537B405 for ; Sat, 29 Mar 2003 14:29:08 -0800 (PST) Received: from mailhost.schluting.com (spooge.kittenz.pdx.edu [131.252.211.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 18B1143F3F for ; Sat, 29 Mar 2003 14:29:07 -0800 (PST) (envelope-from charlie@schluting.com) Received: by mailhost.schluting.com (Postfix, from userid 1001) id B5C4C2542; Sat, 29 Mar 2003 14:29:05 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mailhost.schluting.com (Postfix) with ESMTP id B3026240D; Sat, 29 Mar 2003 14:29:05 -0800 (PST) Date: Sat, 29 Mar 2003 14:29:05 -0800 (PST) From: Charlie Schluting X-X-Sender: charlie@spooge.kittenz.pdx.edu To: jdroflet@canada.com In-Reply-To: <20030329142234.7030.h004.c009.wm@mail.canada.com.criticalpath.net> Message-ID: <20030329142619.H58362@spooge.kittenz.pdx.edu> References: <20030329142234.7030.h004.c009.wm@mail.canada.com.criticalpath.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW NATD access www server by name from the LAN side ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Mar 2003 22:29:09 -0000 > FreeBSD 4.7 firewall with 3 nics. Public, DMZ, and LAN. > DNS,Bind is not running here. > www Public address is redirected to it's DMZ address. > The www server in the DMZ can be accessed by name from the Internet but > only by it's private DMZ IP address from the LAN side. Attempt to access > it by name from the LAN results in a 'page not found'. > > When attempting to access the www by name from the LAN side tcpdump > shows traffic getting to the firewall but not redirected out DMZ nic. So > it's the firewall answering with the 'page not found'. Well, actually your web browser is saying that... because it can't find the page. > How can I redirect traffic to the WWW server from the LAN side ? > Thanks, Jay. This is in the howto I followed (but I don't remember how)... there's about 5 good ones that can be found via google. Basically, you need to add a rdr rule to natd, if I remember correctly.