From owner-freebsd-net Tue Sep 3 4:18: 8 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69F8C37B400 for ; Tue, 3 Sep 2002 04:18:02 -0700 (PDT) Received: from femme.sapphite.org (pcp02268182pcs.longhl01.md.comcast.net [68.50.99.190]) by mx1.FreeBSD.org (Postfix) with ESMTP id F001543E4A for ; Tue, 3 Sep 2002 04:17:53 -0700 (PDT) (envelope-from trish@bsdunix.net) Received: from localhost (trish@localhost [127.0.0.1]) by femme.sapphite.org (8.12.5/8.12.5) with ESMTP id g83BHxeR013962; Tue, 3 Sep 2002 07:18:00 -0400 (EDT) (envelope-from trish@bsdunix.net) Date: Tue, 3 Sep 2002 07:17:59 -0400 (EDT) From: Trish Lynch X-X-Sender: To: Cc: Subject: Re: Need ER Help Setting Up My 4.6.2 Box Behind a Nated Router In-Reply-To: Message-ID: <20020903071401.K437-100000@femme.sapphite.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 3 Sep 2002 bvagnoni@comcast.net wrote: > Dear All;; > > I have a 4.6.2 box connected to a Firebox 700, which is doing one to one > nat. The firebox is setup to take public ip 64.220.249.197/29, gateway > 64.220.249.193 and translate it to 192.168.1.103/24, gateway 192.168.1.1. > > I can ping the private gateway, the box itself and other computers on the > network, But I can not ping anything out side of it. I have other machince > none freebsd boxes on the same private network that can get out on the net > fine without any problems. > > The interface that I'm using is called sf0 which is attached to an adpatec > nic card which is connected to the firebox. > > The contents of my rc.conf file are as follows: > > defaultrouter="192.168.1.1" > hostname="system3.v-system.net" > ifconfig_sf0="inet 192.168.1.103 netmask 255.255.255.0" > kern_securelevel_enable="NO" > linux_enable="YES" > moused_enable="YES" > nfs_reserved_port="YES" > sendmail_enable="YES" > sshd_enable="YES" > nfs_server_enable="YES" > gateway_enable="YES" uhhh why? is this machine a router for other machines? > firewall_enable="YES" if its open why bother with this... > firewall_type="OPEN" and this.... > natd_enable="YES" if its not routing packets for other machines...turn this off > natd_interface="sf0" delete that > natd_flags="" delete that > sysctl net.inet.ip.forwarding=1 > this is the same as `gateway_enable="YES"` > natd is not listed in services I took it out as it didn't seem to help > helping it in there. > > other available interfaces are fxp0(unused intel nic card) ppp0, sl0, faith0 > > I don't care about a firewall as it's totally behind the firebox 700. I just > want to be able to send and receiev packets to and from the internet to that > box. > well I'm still confused as to how the network is actually set up here. > WHat am I dong wrong. Please any help, it's 4am here and I've looked though > the man, the 2 years worht of e-mails and I just can't find the answer. I > wish there was a faq about this subject. It seems like a common problem > obviously not. its just you :) > SO please I have a server that is down right now if you could help I would > be enternally gateful. Please please I so burnt at this point. > > options IPFIREWALL > options IPDIVERT > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPFIREWALL_VERBOSE > shouldn;t make a difference. > > save & exit > > cd /usr/src > > make buildkernel KENCONF=SYSTEM3 > make installkernel KENCONF=SYSTEM3 > sync > reboot > -Trish -- Trish Lynch trish@bsdunix.net Ecartis Core Team trish@listmistress.org Key fingerprint = C44E 8E63 6E3C 18BD 608F E004 9DC7 C2E9 0E24 DFBD To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message