From owner-freebsd-net@FreeBSD.ORG Tue Jul 22 03:41:57 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6D49C37B401 for ; Tue, 22 Jul 2003 03:41:57 -0700 (PDT) Received: from postfix4-1.free.fr (postfix4-1.free.fr [213.228.0.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id D0BEE43FBD for ; Tue, 22 Jul 2003 03:41:56 -0700 (PDT) (envelope-from zel@free.fr) Received: from impt3-1.proxad.net (impt3-1.free.fr [213.228.0.81]) by postfix4-1.free.fr (Postfix) with ESMTP id EEF6F3F0B9 for ; Tue, 22 Jul 2003 12:41:49 +0200 (CEST) Received: by impt3-1.proxad.net (Postfix, from userid 33) id DC6C6C46B; Tue, 22 Jul 2003 12:41:49 +0200 (MEST) Received: from 81.80.243.157 ([81.80.243.157]) by impt3-1.free.fr (IMP) with HTTP for ; Tue, 22 Jul 2003 12:41:49 +0200 Message-ID: <1058870509.3f1d14ed08f69@impt3-1.free.fr> Date: Tue, 22 Jul 2003 12:41:49 +0200 From: zel@free.fr To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.2.1 Subject: [net]pb of newbee !!! X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jul 2003 10:41:57 -0000 Here is my problem... Ethernet 10.0.0.0/24 <-----> 192.168.1.0/24 workstations. ADSL <---- FreeBSD firewalling routing Modem <-----> 10.1.0.0/24 servers (DMZ) So the firewall has some net interfaces: ep0, ed1 and ed2 but also tun0 for ADSL pppoe... I use natd for nating all packets through Internet but I would like offer a FTP service over Internet and my local AREA. My FTP server is launched on an another FreeBSD computer placed in the DMZ. Currently, all workstations can access to it, and the firewall too. But, I cannot access to my FTP server from outside... Someone gave me the following solution but, it does not work... (possibly due to a mystake in my configuration) natd -dynamic -n tun0 -redirect_port 10.1.0.1:ftp ftp (10.1.0.1 is the ftp server IP address). When I look what it is spending, i got the following results. tun0 receive the incoming packet but does not forward it to the good computer. (ftp client shows so the classic message: "connection closed by host", which is meaning that the ftp client try to connect to the firewall instead of the ftp server) So: What I have to do to make it works ? Thanks for your help... Sylvain.