From owner-freebsd-questions Sat Feb 10 13:43: 2 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cody.jharris.com (cody.jharris.com [205.238.128.83]) by hub.freebsd.org (Postfix) with ESMTP id A3FA237B4EC for ; Sat, 10 Feb 2001 13:42:45 -0800 (PST) Received: from localhost (nick@localhost) by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f1AM4kU03223; Sat, 10 Feb 2001 16:04:46 -0600 (CST) (envelope-from nick@rogness.net) Date: Sat, 10 Feb 2001 16:04:46 -0600 (CST) From: Nick Rogness X-Sender: nick@cody.jharris.com To: Benjamin Ossei Cc: questions@FreeBSD.ORG Subject: Re: Can't hit my own website from behind firewall In-Reply-To: <20010210210209.C947D36F9@sitemail.everyone.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 10 Feb 2001, Benjamin Ossei wrote: > I can't seem to hit my own web server from a machine on my internal > network. I have a dualhomed bsd running as a firewall. I allow > everything going outbound using keep-state and check-state (not in > that order). I'm using NAT to get to my web server which is using a > 192.168.1.x IP address. I can hit the server fine from the outside > but from the machine behind the firewall I can't. What might be > blocking this? I also allow http,ftp, ssh, dns inbound. How are you accessing your webserver from the inside...by the public IP translation or by the inside 192.168.1.x address? If you are trying to access the public address from the inside you will need an additional divert rules that runs on your inside interface. Nick Rogness - Keep on routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message