Date: Mon, 03 Apr 2000 08:23:26 +0100
From: Brian Somers <brian@Awfulhak.org>
To: Brendan Kosowski <brendan@bmk.com.au>
Cc: FreeBSD Networking <freebsd-net@FreeBSD.ORG>, brian@hak.lan.Awfulhak.org
Subject: Re: natd problem
Message-ID: <200004030723.IAA00468@hak.lan.Awfulhak.org>
In-Reply-To: Message from Brendan Kosowski <brendan@bmk.com.au> of "Mon, 03 Apr 2000 00:52:04 +1000." <Pine.BSF.3.96.1000403002358.14231A-100000@garfield>

The problem here is that the reply packets are going direct and aren't
getting de-aliased by natd - natd doesn't even get to see them.

I don't think there's any clean way of doing this - except maybe
assigning a different real IP number to the target machine and letting
everything else on the network know it's there via their routing tables.

> I am running a NAT using natd and the standard OPEN firewall setting.
>
> The NAT has 2 ethernet cards, one to a PUBLIC ETHERNET and the other to
> our LOCAL ETHERNET (192.168.etc...)
>
> The natd has been setup with the "-redirect_port" option so that a certain
> port on the NAT PUBLIC INTERFACE gets redirected to a server on our LOCAL
> ETHERNET therefore giving our server a PUBLIC ADDRESS/PORT.
>
> The problem occurs when a P.C. on the LOCAL ETHERNET tries to access the
> SERVER on the LOCAL ETHERNET by way of its PUBLIC ADDRESS/PORT. The NAT
> seems to deny packets.
>
> It is absolutely necessary that I can get natd to do this. Accessing the
> SERVER via its local address is an unacceptable solution.
>
> Can ANYONE help ???

--
Brian <brian@Awfulhak.org>                <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>           <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
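The asymmetric path described in the reply above, modelled as an added example that is not part of the original thread and is not natd code. All addresses and ports are constructed, and the model assumes the LAN client's request does reach the redirect on the NAT box.

```python
"""Constructed model of a redirected port reached from outside and from the LAN."""
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

# All addresses and ports below are constructed for illustration.
LAN = ipaddress.ip_network("192.168.0.0/24")
NAT_PUBLIC = "203.0.113.1"
SERVER = "192.168.0.2"
REDIRECTS = {(NAT_PUBLIC, 8080): (SERVER, 80)}  # public addr/port -> LAN server


def nat_inbound(pkt):
    """Redirect step: rewrite the destination, leave the source untouched."""
    dst, dport = REDIRECTS.get((pkt.dst, pkt.dport), (pkt.dst, pkt.dport))
    return pkt._replace(dst=dst, dport=dport)


def nat_dealias(pkt):
    """Reverse step: restore the public address/port as the reply's source."""
    for (pub, pport), (host, hport) in REDIRECTS.items():
        if (pkt.src, pkt.sport) == (host, hport):
            return pkt._replace(src=pub, sport=pport)
    return pkt


def on_link(a, b):
    """Two hosts on the LAN subnet deliver to each other directly."""
    return ipaddress.ip_address(a) in LAN and ipaddress.ip_address(b) in LAN


def reply_accepted(client_ip, client_port=40000):
    """Follow one request/reply; report whether the client accepts the reply."""
    request = Packet(client_ip, client_port, NAT_PUBLIC, 8080)
    at_server = nat_inbound(request)
    reply = Packet(at_server.dst, at_server.dport, at_server.src, at_server.sport)
    if not on_link(reply.src, reply.dst):
        reply = nat_dealias(reply)  # reply crosses the NAT box and is de-aliased
    # The client only accepts a reply from the peer it originally addressed.
    return (reply.src, reply.sport) == (request.dst, request.dport)


if __name__ == "__main__":
    print("outside client:", reply_accepted("198.51.100.7"))
    print("LAN client:    ", reply_accepted("192.168.0.10"))
```

For the LAN client the reply arrives with the server's private address as its source, which matches no connection the client opened, so it is discarded.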