Date: Fri, 26 Dec 1997 16:24:01 -0800 (PST)
From: "UC Computer / Transbay.Net" <root@transbay.net>
To: freebsd-isp@freebsd.org
Cc: reprint@transbay.net
Subject: How to configure NAT, and can it do this in any case?
Message-ID: <199712270024.QAA14757@transbay.net>

I'm trying to set up a gateway/firewall box with a phony net on the inside.

    (office)                          gateway machine
                            .........................................
    192.168.254.X/24 <----> ed3=192.168.254.2/24  ed2=207.105.6.18/24 <----> INET

I'd like the office machines to be able to transact web/ftp traffic, at a
minimum, and possibly SMTP, directly through the gateway/firewall.

How do I configure natd / rc.firewall to get the gateway machine to 'proxy'
for the unroutably addressed office machines?

I thought that natd on the gateway could translate incoming packets from any
192.168.254.X box seen on the ed3 interface so that the packets would be sent
to/from the internet over ed2 as if they had come from the gateway, and would
be sent back to the 192.168.254.X machine as if the connection had been
processed normally. Is that true?

The man page for natd does not address the picture above, and in working with
a test case I haven't been able to get any packets from a prototype office
machine past the gateway. Apart from using a 'divert natd' statement, the
firewall is not blocking anything.

Even using one invocation of natd or one set of natd rules per office machine
would be fine.

-ecsd@transbay.net
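
The many-to-one translation described in the message above, as a simplified model. This is an added example, not part of the original message and not natd's own code. The office host 192.168.254.10, the remote server 198.51.100.80 and the starting alias port 30000 are constructed values; the network and gateway addresses come from the message.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE_NET = ip_network("192.168.254.0/24")  # office net from the message
PUBLIC_IP = "207.105.6.18"                   # gateway's ed2 address from the message


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class Nat:
    """Toy translation table: one public address shared by all inside hosts."""

    def __init__(self, public_ip=PUBLIC_IP, inside=INSIDE_NET, first_port=30000):
        self.public_ip = public_ip
        self.inside = inside
        self.next_port = first_port  # constructed starting alias port
        self.out = {}   # (inside ip, inside port, remote ip, remote port) -> alias port
        self.back = {}  # (alias port, remote ip, remote port) -> (inside ip, inside port)

    def outbound(self, p):
        """Packet leaving on the outside interface: rewrite a private source."""
        if ip_address(p.src) not in self.inside:
            return p  # not from the office net, leave untouched
        key = (p.src, p.sport, p.dst, p.dport)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, p.dst, p.dport)] = (p.src, p.sport)
            self.next_port += 1
        return Packet(self.public_ip, self.out[key], p.dst, p.dport)

    def inbound(self, p):
        """Packet arriving on the outside interface: restore the private destination."""
        hit = self.back.get((p.dport, p.src, p.sport)) if p.dst == self.public_ip else None
        if hit is None:
            return None  # no matching flow, so no inside host to forward to
        return Packet(p.src, p.sport, hit[0], hit[1])


if __name__ == "__main__":
    nat = Nat()
    request = Packet("192.168.254.10", 1025, "198.51.100.80", 80)  # constructed flow
    print(nat.outbound(request))
    print(nat.inbound(Packet("198.51.100.80", 80, PUBLIC_IP, 30000)))
```

The last branch of `inbound` is the security-relevant part: a packet from outside that matches no existing flow has no inside address to be rewritten to, so office hosts are reachable only on connections they opened.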