From owner-freebsd-ipfw@FreeBSD.ORG Wed Sep 6 19:41:33 2006 Return-Path: X-Original-To: ipfw@freebsd.org Delivered-To: freebsd-ipfw@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 656B116A4E1 for ; Wed, 6 Sep 2006 19:41:33 +0000 (UTC) (envelope-from vladone@spaingsm.com) Received: from mail.spaingsm.com (llwb135.servidoresdns.net [217.76.137.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79E2943D62 for ; Wed, 6 Sep 2006 19:41:29 +0000 (GMT) (envelope-from vladone@spaingsm.com) Received: from localhost (unknown [88.158.112.6]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.spaingsm.com (Postfix) with ESMTP id A1FF924C67A for ; Wed, 6 Sep 2006 20:58:48 +0200 (CEST) Date: Wed, 6 Sep 2006 22:41:35 +0300 From: vladone X-Mailer: The Bat! (v3.80.03) Professional X-Priority: 3 (Normal) Message-ID: <525121136.20060906224135@spaingsm.com> To: ipfw@freebsd.org In-Reply-To: <002e01c6d1e8$f0b772d0$4602a8c0@Laptop> References: <002e01c6d1e8$f0b772d0$4602a8c0@Laptop> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: Subject: Re: IPFW and natd X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: vladone List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Sep 2006 19:41:33 -0000 Hello Mike, Wednesday, September 6, 2006, 10:16:22 PM, you wrote: > I have clients connecting behind a firewall on 10.xxx.xxx.xxx ip's. The > external ip is on a 208.xxx.xxx.xxx block. I need to assign certain clients > behind the firewall their own static external ip that is accessible from the > outside and also make sure they go out using this ip. I have been unable to > get this to work. I have the firewall working fine with natd. Any help > would greatly be appreciated. > Thanks > Mike > GlobalNet > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to > "freebsd-ipfw-unsubscribe@freebsd.org" Use redirect_address option in natd.conf to assign ip's and option "unregistered_only yes", to do natd only for private classes. Example natd.conf (asuming that xl0 is public interface) use_sockets yes same_ports yes interface xl0 dynamic yes unregistered_only yes redirect_address 192.168.0.10 208.xxx.xxx.xxx ............................................. -- Best regards, vladone mailto:vladone@spaingsm.com