From: bvagnoni@comcast.net
Date: Tue, 03 Sep 2002 09:01:48 -0400
Subject: FW: Need ER Help Setting Up My 4.6.2 Box Behind a Nated Router
To: freebsd-net@freebsd.org

Dear Trish;

Hi. No, it's not a router for other machines. It's just a machine behind a router, the Watch Firebox 700, that I want to allow to send and receive packets to and from the internet.

internet 64.229.249.194/29 -----> 1 to 1 NAT for addresses 64.220.249.195-198 --- 192.168.1.101 - 104

firebox router 64.220.249.193 ---- >> 192.168.1.1
      |
      |----------------------|--------------------------|------------------|
 windows box          windows web server           windows box        freebsdbox
 192.168.1.101        192.168.1.102                192.168.1.103      192.168.1.104

I hope that defined my network better for you.

Sincerely
Brian

-----Original Message-----
From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG] On Behalf Of Trish Lynch
Sent: Tuesday, September 03, 2002 7:18 AM
To: bvagnoni@comcast.net
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: Need ER Help Setting Up My 4.6.2 Box Behind a Nated Router

On Tue, 3 Sep 2002 bvagnoni@comcast.net wrote:

> Dear All;
>
> I have a 4.6.2 box connected to a Firebox 700, which is doing one to one
> nat. The firebox is setup to take public ip 64.220.249.197/29, gateway
> 64.220.249.193 and translate it to 192.168.1.103/24, gateway 192.168.1.1.
>
> I can ping the private gateway, the box itself and other computers on the
> network, but I can not ping anything outside of it. I have other machines,
> non-freebsd boxes, on the same private network that can get out on the net
> fine without any problems.
>
> The interface that I'm using is called sf0 which is attached to an Adaptec
> nic card which is connected to the firebox.
>
> The contents of my rc.conf file are as follows:
>
> defaultrouter="192.168.1.1"
> hostname="system3.v-system.net"
> ifconfig_sf0="inet 192.168.1.103 netmask 255.255.255.0"
> kern_securelevel_enable="NO"
> linux_enable="YES"
> moused_enable="YES"
> nfs_reserved_port="YES"
> sendmail_enable="YES"
> sshd_enable="YES"
> nfs_server_enable="YES"
> gateway_enable="YES"

uhhh why? is this machine a router for other machines?

> firewall_enable="YES"

if it's open why bother with this...

> firewall_type="OPEN"

and this....

> natd_enable="YES"

if it's not routing packets for other machines...turn this off

> natd_interface="sf0"

delete that

> natd_flags=""

delete that

> sysctl net.inet.ip.forwarding=1
>

this is the same as `gateway_enable="YES"`

> natd is not listed in services I took it out as it didn't seem to help
> helping it in there.
>
> other available interfaces are fxp0 (unused intel nic card) ppp0, sl0, faith0
>
> I don't care about a firewall as it's totally behind the firebox 700.
> I just want to be able to send and receive packets to and from the internet to that
> box.
>

well I'm still confused as to how the network is actually set up here.

> What am I doing wrong. Please any help, it's 4am here and I've looked through
> the man, the 2 years worth of e-mails and I just can't find the answer. I
> wish there was a faq about this subject. It seems like a common problem
> obviously not.

it's just you :)

> SO please I have a server that is down right now if you could help I would
> be eternally grateful. Please please I'm so burnt at this point.
>
> options IPFIREWALL
> options IPDIVERT
> options IPFIREWALL_DEFAULT_TO_ACCEPT
> options IPFIREWALL_VERBOSE
>

shouldn't make a difference.

>
> save & exit
>
> cd /usr/src
>
> make buildkernel KENCONF=SYSTEM3
> make installkernel KENCONF=SYSTEM3
> sync
> reboot
>

-Trish

--
Trish Lynch trish@bsdunix.net
Ecartis Core Team trish@listmistress.org
Key fingerprint = C44E 8E63 6E3C 18BD 608F E004 9DC7 C2E9 0E24 DFBD

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
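
An added example, not part of the thread and not code from either poster: a POSIX sh check that flags the rc.conf settings Trish questions above on a host that routes for nobody. The function names, messages and sample input are constructed here, and it assumes an upstream device already performs NAT, as the Firebox does in this thread.

```shell
#!/bin/sh
# Added example, not from the thread: flag router-only rc.conf settings
# on a host that routes for nobody.

# Constructed sample: a subset of the rc.conf lines quoted in the thread.
SAMPLE_RC_CONF='defaultrouter="192.168.1.1"
ifconfig_sf0="inet 192.168.1.103 netmask 255.255.255.0"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="sf0"
natd_flags=""
sshd_enable="YES"'

# rc.conf treats YES, TRUE, ON and 1 (any case) as enabled.
is_yes() {
    case $1 in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
    esac
    return 1
}

# Reads rc.conf text on stdin, prints one "key: reason" line per finding.
audit_end_host_rc_conf() {
    while IFS= read -r line; do
        case $line in
            '#'*|'') continue ;;          # comment or blank line
            *=*) ;;                       # key=value assignment
            *) continue ;;
        esac
        key=${line%%=*}
        val=${line#*=}
        val=${val#\"}; val=${val%\"}      # drop surrounding double quotes
        case $key in
            gateway_enable)
                if is_yes "$val"; then echo "$key: IP forwarding is on, needed only on a router"; fi ;;
            natd_enable)
                if is_yes "$val"; then echo "$key: natd runs, but the upstream firewall already does NAT"; fi ;;
            natd_interface|natd_flags)
                echo "$key: leftover natd setting, delete it" ;;
            firewall_type)
                if [ "$val" = "OPEN" ]; then echo "$key: ipfw is loaded but passes everything"; fi ;;
        esac
    done
    return 0
}

printf '%s\n' "$SAMPLE_RC_CONF" | audit_end_host_rc_conf
```

To check a real host, feed it the file: `audit_end_host_rc_conf < /etc/rc.conf`.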