From owner-freebsd-net Wed Apr 14 6:36:20 1999 Delivered-To: freebsd-net@freebsd.org Received: from mailg.telia.com (mailg.telia.com [194.22.194.26]) by hub.freebsd.org (Postfix) with ESMTP id 88497150A3 for ; Wed, 14 Apr 1999 06:35:51 -0700 (PDT) (envelope-from thomas.uhrfelt@plymovent.se) Received: from d1o68.telia.com (root@d1o68.telia.com [62.20.138.241]) by mailg.telia.com (8.8.5/8.8.8) with ESMTP id PAA16378; Wed, 14 Apr 1999 15:33:29 +0200 (CEST) Received: from tu (t1o68p59.telia.com [62.20.138.59]) by d1o68.telia.com (8.8.8/8.8.5) with SMTP id PAA17318; Wed, 14 Apr 1999 15:33:18 +0200 (CEST) Received: by localhost with Microsoft MAPI; Wed, 14 Apr 1999 15:29:42 +0200 Message-ID: <01BE868B.9E2A48E0.thomas.uhrfelt@plymovent.se> From: Thomas Uhrfelt Reply-To: "thomas.uhrfelt@plymovent.se" To: "'Thomas Seidmann'" Cc: "'freebsd-net@freebsd.org'" Subject: SV: steps in networking Date: Wed, 14 Apr 1999 15:29:24 +0200 Organization: Plymovent AB X-Mailer: Microsoft Internet-e-post/MAPI - 8.0.0.4211 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Thomas Uhrfelt wrote: > > > > Is there anyone out there that could write up a little "manual" of the > > different steps on what to do/edit to accomplish the below description > > using FreeBSD + ipfw + NAT or FreeBSD + IPF + IPNAT.. > > > > INTERNAL (192.168.1.xx) ------ (192.168.1.1)FreeBSD box(192.168.2.2) > > -------- (192.168.2.1)Congo Router(Dynamic IP)-------Internet > [stuff deleted] > > I'm afraid you cannot handle this case with neither NAT variant > mentioned above, since you need a public IP address on the machine doing > the actual NAT. So you have basically two possibilities: > 1. Perform NAT on the router itself, provided it can (I guess it > doesn't) > 2. Connect the FreeBSD box directly to the Internet, i.e. replace the > router with it - that's what I'm doing at our site (medium business). > Depending on the interface your router has to connect to your ISP you > may need to obtain a sychronous communication adapter - we are using > SDLComm's N2, i.e. the FreeBSD 'sr' device. I am totally new to the basics of Unix networking, but as we today have a network that is like: 192.168.1.xxx ----- 192.168.1.1 [ router ] ----> dynamic IP towards Internet How should I best configure a FreeBSD box to handle the packetfiltering and where should I put it into the chain. I can't replace the router as our supplier have special software installed to handle the ISDN connection. But as it works today with this configuration shouldnt the router already handle some form of NAT? I need all the help I can get Regards, Thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message