From owner-freebsd-ipfw  Wed Sep 26 10:44:43 2001
Delivered-To: freebsd-ipfw@freebsd.org
Received: from smgwisys.intersys.com.mx (smgwisys.intersys.com.mx [206.65.32.41])
	by hub.freebsd.org (Postfix) with SMTP id CD29D37B434
	for <freebsd-ipfw@freebsd.org>; Wed, 26 Sep 2001 10:44:39 -0700 (PDT)
Received: by smgwisys.intersys.com.mx(Lotus SMTP MTA v4.6.4  (830.2 3-23-1999))  id 06256AD3.00670328 ; Wed, 26 Sep 2001 12:45:10 -0600
X-Lotus-FromDomain: INTERSYS@ISYS
From: rrios@intersys.com.mx
To: freebsd-ipfw@freebsd.org
Message-ID: <06256AD3.00670172.00@smgwisys.intersys.com.mx>
Date: Wed, 26 Sep 2001 12:23:51 -0600
Subject: It could be a dynamic nat-ip-pool on FreeBSD??
Mime-Version: 1.0
Content-type: text/plain; charset=us-ascii
Content-Disposition: inline
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ipfw.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ipfw>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ipfw>
X-Loop: FreeBSD.ORG




Maybe any has ever seen some configuration on PIX or FW-IOS where a pool-ip cant
exist to do NAT  for example:
------------------------
Router:
!
interface FastEthernet0/0
 ip address 148.x.x.1 255.255.255.240 secondary
 ip address 10.10.10.2 255.255.0.0
 ip nat inside
!
interface Serial0/0:0
 ip address 148.x.x.1 255.255.255.252
 ip nat outside
!
ip nat pool internet 148.x.x.212 148.x.x.222 netmask 255.255.255.240
ip nat inside source list 1 pool internet overload
!
access-list 1 permit 10.10.0.0 0.0.255.255
-------------------------
PIX:

 ip address outside 200.x.x.3 255.255.255.192
 ip address inside 10.139.10.4 255.255.255.0
 global (outside) 1 200.x.x.10-200.x.x.63
 nat (inside) 1 0.0.0.0 0.0.0.0

-------------------------


I would like to know if anibody has ever try to do this in FreeBSD box, the
problem is with only one IP for NAT I have
problems with some aplications like IRC, Messangers etc.. "ipfw add divert natd
all from any to any xl0" xl0-public

It's not possible to try redirect_address becouse exist a DHCP behind and then
will be problems with arp entry's, leases etc..



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message