From owner-freebsd-questions@FreeBSD.ORG Mon May 14 18:28:27 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 05A3F16A41B for ; Mon, 14 May 2007 18:28:27 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from mail-out3.apple.com (mail-out3.apple.com [17.254.13.22]) by mx1.freebsd.org (Postfix) with ESMTP id E394E13C457 for ; Mon, 14 May 2007 18:28:26 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from relay7.apple.com (a17-128-113-37.apple.com [17.128.113.37]) by mail-out3.apple.com (Postfix) with ESMTP id D4F0512F813; Mon, 14 May 2007 11:28:02 -0700 (PDT) Received: from relay7.apple.com (unknown [127.0.0.1]) by relay7.apple.com (Symantec Mail Security) with ESMTP id 476F1304D5; Mon, 14 May 2007 11:28:21 -0700 (PDT) X-AuditID: 11807125-9f26ebb00000318d-a0-4648aa457ced Received: from [17.214.13.96] (cswiger1.apple.com [17.214.13.96]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by relay7.apple.com (Apple SCV relay) with ESMTP id 2FEDD3007E; Mon, 14 May 2007 11:28:21 -0700 (PDT) In-Reply-To: <46489CC7.9010704@dambala.net> References: <46489CC7.9010704@dambala.net> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed Message-Id: <6AE855F0-4114-4447-B621-387468BEB366@mac.com> Content-Transfer-Encoding: quoted-printable From: Chuck Swiger Date: Mon, 14 May 2007 11:28:20 -0700 To: Juan Sosa X-Mailer: Apple Mail (2.752.2) X-Brightmail-Tracker: AAAAAA== Cc: freebsd-questions@freebsd.org Subject: Re: Make a jail visible in different networks X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 May 2007 18:28:27 -0000 Hi-- On May 14, 2007, at 10:30 AM, Juan Sosa wrote: > I have a freebsd server (192.168.1.5) running a NATed jail =20 > (192.168.1.10). > > I set up mpd4 on this server in order to allow M$ clients access =20 > our 10.5.1.0/24 vpn. Since jails can=B4t have more than one ip =20 > address, is there a way to make 192.168.1.10 visible to the =20 > 10.5.1.0/24 network without changing the jail ip address? > > Summarizing, I need to have my jail serving in both LAN and VPN =20 > networks. Any suggestions? There are a number of approaches: the simplest involve either adding =20 static routes between your 10.5.1/24 subnet and your 192.168.1/24 =20 subnet, or setting up additional VPN endpoint on the 192.168.1/24 =20 network, or using NAT to map the jail IP onto the 10.5.1/24 netblock. Without knowing your topology, it's hard to make more specific =20 recommendations. --=20 -Chuck PS: Also, no need to ask the same question twice....