Date:      Mon, 23 Oct 2017 22:30:26 +0200 (CEST)
From:      Trond Endrestøl <Trond.Endrestol@fagskolen.gjovik.no>
To:        FreeBSD questions <freebsd-questions@freebsd.org>
Subject:   Re: Routing problem
Message-ID:  <alpine.BSF.2.21.1710232227510.44721@mail.fig.ol.no>
In-Reply-To: <CAC-QnVUYd1yy0L5iT5bfXaio2jePhd4ikTY3qa8vxVY2gw2BUQ@mail.gmail.com>
References:  <CAC-QnVUYd1yy0L5iT5bfXaio2jePhd4ikTY3qa8vxVY2gw2BUQ@mail.gmail.com>

On Mon, 23 Oct 2017 15:19-0400, Efren Bravo wrote:

> Hi there,
> 
> I installed a FreeBSD 10.1 box and upgraded to 10.4. I tried to configure
> this box as a FW but I can't get ping to work from inside LAN to outside
> world, nor any tcp/udp connection. Basic configs:
> 
> router ip: 190.92.124.89
> 
> kernel (recompiled & installed OK):
> a lot of unnecessary things disabled before recompilation
> ---
> options IPFILTER
> options IPFILTER_LOG
> options IPFILTER_LOOKUP
> options IPFILTER_DEFAULT_BLOCK
> 
> /etc/rc.conf
> ---

> #WAN
> ifconfig_re0="inet 190.92.124.90 netmask 255.255.255.248"

Public IPv4 address space.

> # LAN
> ifconfig_em0="inet 10.170.0.1 netmask 25.255.255.128"

Private IPv4 address space.

Do you plan on setting up NAT44 on this box? You should if you want 
this setup to work as expected.

> defaultrouter="190.92.124.89"
> gateway_eanble="YES"
> 
> /etc/ipfilter.rules
> ---
> pass out quick lo0 all
> pass in quick lo0 all
> 
> pass out quick em0 all
> pass in quick em0 all
> 
> pass out quick re0 all
> pass in quick re0 all
> 
> Routing tables
> ---
> Destin                  GW                  Flags  Netif
> default                  190.92.124.89   UGS   re0
> 10.170.0.0/25        link#1               U       em0
> 10.170.0.21           link#1               UHS   lo0
> 127.0.0.1               link#3               UH    lo0
> 190.92.124.88/29   link#2               U       re0
> 190.92.124.91       link#2               UHS   lo0
> 
> From inside box I can ping outside world and inside LAN, but from an
> internal PC (IP:10.170.0.11) I cannot reach outside world.
> 
> I need help, someone who can tell me where to look to fix it because I don't
> realize why this happens.
> thanks in advance

-- 
Trond.
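
Added example, not part of the original thread: a small Python pre-flight check for the rc.conf lines quoted above. It flags a private LAN behind a public WAN with no NAT enabled (the point of the reply), along with non-contiguous netmasks and misspelt knobs. The knob list is a small assumed subset, and the function names are hypothetical.

```python
import difflib
import ipaddress
import re

# Assumption: small, non-exhaustive set of rc.conf knobs for an IPFilter gateway.
KNOWN_KNOBS = ["gateway_enable", "defaultrouter", "ipfilter_enable",
               "ipfilter_rules", "ipnat_enable", "ipnat_rules"]

# Sample input: the rc.conf lines as quoted in the message above.
SAMPLE_RC_CONF = '''
ifconfig_re0="inet 190.92.124.90 netmask 255.255.255.248"
ifconfig_em0="inet 10.170.0.1 netmask 25.255.255.128"
defaultrouter="190.92.124.89"
gateway_eanble="YES"
'''

def valid_netmask(mask):
    """True if mask is a contiguous IPv4 netmask (ones followed by zeros)."""
    try:
        bits = int(ipaddress.IPv4Address(mask))
    except ipaddress.AddressValueError:
        return False
    inverted = bits ^ 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0

def lint_rc_conf(text):
    """Return a list of findings for a gateway's rc.conf fragment."""
    findings, private_if, public_if = [], [], []
    knobs = dict(re.findall(r'^(\w+)="([^"]*)"', text, re.M))
    for name, value in knobs.items():
        m = re.match(r"ifconfig_(\w+)$", name)
        if m:
            net = re.search(r"inet (\S+) netmask (\S+)", value)
            if not net:
                continue  # e.g. DHCP: nothing static to check
            addr, mask = net.groups()
            if not valid_netmask(mask):
                findings.append(f"{m.group(1)}: invalid netmask {mask}")
            (private_if if ipaddress.ip_address(addr).is_private
             else public_if).append(m.group(1))
        elif name not in KNOWN_KNOBS:
            guess = difflib.get_close_matches(name, KNOWN_KNOBS, n=1)
            if guess:
                findings.append(f"{name}: unknown knob, did you mean {guess[0]}?")
    if knobs.get("gateway_enable") != "YES":
        findings.append("gateway_enable is not YES: no IPv4 forwarding")
    if private_if and public_if and knobs.get("ipnat_enable") != "YES":
        findings.append("private LAN behind public WAN, no ipnat_enable: NAT44 needed")
    return findings
```

Calling `lint_rc_conf(SAMPLE_RC_CONF)` returns the findings as a list of strings; an empty list means none of these checks fired.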


