From owner-freebsd-questions@FreeBSD.ORG Mon Oct 13 08:13:43 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 78F9E16A4B3 for ; Mon, 13 Oct 2003 08:13:43 -0700 (PDT) Received: from p1028-ipbffx02marunouchi.tokyo.ocn.ne.jp (p1028-ipbffx02marunouchi.tokyo.ocn.ne.jp [220.111.132.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F35143FB1 for ; Mon, 13 Oct 2003 08:13:42 -0700 (PDT) (envelope-from lukek@meibin.net) Received: (qmail 15034 invoked by uid 89); 13 Oct 2003 15:13:40 -0000 Received: from unknown (HELO ?127.0.0.1?) (192.168.10.35) by 192.168.20.5 with SMTP; 13 Oct 2003 15:13:40 -0000 Date: Tue, 14 Oct 2003 00:07:04 +0900 From: Luke Kearney To: freebsd-questions@freebsd.org In-Reply-To: References: Message-Id: <20031014000134.CF8E.LUKEK@meibin.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable X-Mailer: Becky! ver. 2.07.01 Subject: Re: NAT and PPPoE problems X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Oct 2003 15:13:43 -0000 Hi, =46rom my casual observation your rc.conf has a spelling error in it, you have gatway_enable=3D"yes" should of course be gateway_enable=3D"yes". Sorr= y if you had picked it up earlier.=20 This is one of my favourites for setting up a router http://lantech.geekvenue.net/chucktips/jason/chuck/1031194375/index_html as is=20 http://www.schlacter.net/public/FreeBSD-STABLE_and_IPFILTER.html or http://renaud.waldura.com/doc/freebsd/firewall/ Good luck with that one LukeK On Sun, 12 Oct 2003 18:16:34 -0700 (PDT) Sean Noonan granted us these pearls of wisdom: > Hi Folks, >=20 > I've used NAT with FreeBSD for years now, but recently had to change my > ISP. My new ISP, SBC, uses PPPoE (yuck). I've finally got PPPoE working= , > but am having a heck of a time getting NAT to work with it. I'm tracking > STABLE and cvsup'd, etc, about two weeks ago to 4.9-PRERELEASE. Here's m= y > config: >=20 > /etc/ppp/ppp.conf: >=20 > default: > # PPP over Ethernet > set log phase tun command > set device PPPoE:dc0 > set mru 1492 > set mtu 1492 > set ctsrts off > set cd off > set redial 0 0 > set dial > set login > # set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 > set ifaddr 67.116.219.246/0 67.116.219.254/0 > add default HISADDR # Add a (sticky) default route > enable lqr > enable dns > SBC: > set authname myuserid@sbcglobal.net > set authkey mypassword >=20 > /etc/rc.conf: >=20 > ez_ipupdate_enable=3D"YES" > firewall_enable=3D"YES" > firewall_type=3D"open" > firewall_logging=3D"YES" > gatway_enable=3D"YES" > gif_interfaces=3D"gif0" > # gifconfig_gif0=3D"67.112.141.75 67.52.144.191" > hostname=3D"sean-noonan.kicks-ass.net" > ifconfig_xl0=3D"inet 192.168.6.1 netmask 255.255.255.0" > ipsec_enable=3D"YES" > kern_securelevel_enable=3D"NO" > linux_enable=3D"YES" > lpd_endable=3D"YES" > moused_enable=3D"YES" > moused_flags=3D"-3" > moused_type=3D"auto" > named_enable=3D"NO" > #natd_enable=3D"YES" > #natd_interface=3D"dc0" > network_interfaces=3D"xl0 dc0 gif0 tun0 lo0" > nfs_reserved_port_only=3D"YES" > nfs_server_enable=3D"YES" > nisdomainname=3D"NO" > ppp_enable=3D"YES" > ppp_mode=3D"ddial" > ppp_nat=3D"YES" > ppp_profile=3D"SBC" > saver=3D"logo" > sendmail_enable=3D"YES" > sshd_enable=3D"YES" > syslogd_enable=3D"YES" > tcp_extensions=3D"YES" > xntpd_enable=3D"YES" >=20 > output of ifconfig -a: >=20 > xl0: flags=3D8843 mtu 1500 > inet 192.168.6.1 netmask 0xffffff00 broadcast 192.168.6.255 > inet6 fe80::2a0:24ff:fed8:4738%xl0 prefixlen 64 scopeid 0x1 > ether 00:a0:24:d8:47:38 > media: Ethernet autoselect (100baseTX ) > status: active > dc0: flags=3D8843 mtu 1500 > inet6 fe80::204:5aff:fe45:5aa8%dc0 prefixlen 64 scopeid 0x2 > ether 00:04:5a:45:5a:a8 > media: Ethernet autoselect (100baseTX ) > status: active > lp0: flags=3D8810 mtu 1500 > lo0: flags=3D8049 mtu 16384 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 > inet 127.0.0.1 netmask 0xff000000 > ppp0: flags=3D8010 mtu 1500 > sl0: flags=3Dc010 mtu 552 > faith0: flags=3D8002 mtu 1500 > tun0: flags=3D8051 mtu 1492 > inet 67.121.201.208 --> 67.121.203.254 netmask 0xffffffff > Opened by PID 57 >=20 > output of netstat -rn: >=20 > Routing tables > Internet: > Destination Gateway Flags Refs Use Netif Expir= e > default 67.121.203.254 UGSc 4 30 tun0 > 67.121.203.254 67.121.201.208 UH 5 0 tun0 > 127.0.0.1 127.0.0.1 UH 0 0 lo0 > 192.168.6 link#1 UC 1 0 xl0 > 192.168.6.2 00:0c:76:51:77:7e UHLW 0 0 xl0 107= 9 >=20 > The RFC1918 PC is using 192.168.6.2 for its IP address and 192.168.6.1 fo= r > its default gateway. The RFC1918 PC can successfully ping the gateway's > internal and external interfaces, but nothing beyond. >=20 > Adding an ipfw rule like: >=20 > ipfw add 1 allow log ip from any to any >=20 > shows ping traffic betwen the inside interface of the gateway and the > RFC1918 PC, but nothing else. >=20 > I've tried several ways of involking NAT, including via the ppp.conf file= , > via the command-line, and via rc.conf (the current flavor). None seem to > work. >=20 > Anybody have an ideas on how to proceed?? >=20 > TIA, >=20 > --Sean Noonan. >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg"