From owner-freebsd-questions Tue Jun 15 8:14:33 1999 Delivered-To: freebsd-questions@freebsd.org Received: from trident.univ-lehavre.fr (trident.univ-lehavre.fr [193.48.167.60]) by hub.freebsd.org (Postfix) with ESMTP id DEF3614F88 for ; Tue, 15 Jun 1999 08:14:30 -0700 (PDT) (envelope-from erik@univ-lehavre.fr) Received: from sparc10.univ-lehavre.fr (sparc10.univ-lehavre.fr [193.48.167.1]) by trident.univ-lehavre.fr (8.9.3/8.9.3) with ESMTP id PAA01334 for ; Tue, 15 Jun 1999 15:10:12 +0200 Received: from univ-lehavre.fr (f40.univ-lehavre.fr [194.254.109.24]) by sparc10.univ-lehavre.fr (8.9.1b+Sun/8.9.1) with ESMTP id RAA02901 for ; Tue, 15 Jun 1999 17:14:02 +0100 (WET DST) Message-ID: <37666D8C.68DABBC@univ-lehavre.fr> Date: Tue, 15 Jun 1999 17:13:16 +0200 From: Erik de Zeeuw X-Mailer: Mozilla 4.51 [en] (X11; I; FreeBSD 3.2-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: NAT/Masquerading question Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, I have to deal with 30 X Terminals, each one with its own public C class ip adress. The problem is that my C class adress space is getting shorter, and it would be a great thing to set up the terminals so that they only have a private ( 192.168.* ) adress. To achieve this, I grabbed a p133/32Mb/2Gb with one 3Com NIC ( 3c900 combo ) and a cheap NE2000 compatible, and installed a brand new FreeBSD 3.2-RELEASE on it. As I already use ipfw on another machine, I decided to use IPFilter to have a look at it. Everything seems to work OK, I used ipnat to do some NAT and hide the terminals behind the public address of the FreeBSD gateway. Terminals -------------> FreeBSD Gateway -------------> Outside ( 192.168.0.*) (192.168.0.1) (194.x.x.x ) ne2000/ed1 3Com/xl0 I used the following ipnat rules : map xl0 192.168.0.0/24 -> 194.X.X.X/32 portmap tcp/udp 40000:65000 map xl0 192.168.0.0/24 -> 194.X.X.X/32 The ping is ok from the terminals to the outside, and the telnet is working fine. The problem is that the X connections does not work. I read some more docs about NAT since, and it seems I have to use some kind of X proxy to make it work. Question is, where can I find a kind of X proxy ? The servers on which the terminals should connect are of several species ( Linux, Solaris 2.7, and an Irix 6.4 ). Another question is if there exists some other way to make the X connections work through the NAT gateway, may be using port redirection or other little toys ? May be using more than one real ip adress would help. If some of you did succeed in setting this kind of thing, I would be pleased to hear from them. I didn't checked the other way : natd, but I think it will give the same results, at least from the docs I've read. Thanks in advance, Erik de Zeeuw, Universite du Havre, erik@univ-lehavre.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message