Date:      Sun, 08 Jul 2001 00:30:23 +1000
From:      Rob Secombe <robseco@teksupport.net.au>
To:        freebsd-isp@freebsd.org
Subject:   Can anyone explain this?
Message-ID:  <3.0.5.32.20010708003023.03759b60@secombe>

Hi all,

I recently upgraded a customer's link from ISDN using a TA to ADSL using the
Alcatel Speed Touch Home ADSL modem and pppoe, as supplied by the access
provider. The machine is acting as a gateway/firewall with one NIC
connected to the LAN and a second connecting the ADSL modem and uses
userland ppp -nat and ipfw. 

Here is the problem. Everything works fine from the gateway machine to any
machine on the inside or the outside. Browsing works ok provided we use a
proxy on the gateway. As soon as we try to forward packets across the
gateway via ppp nat something goes awry. For instance, if I try to collect
mail from an external pop server the client will establish a connection but
will not transfer data. Passive FTP works ok from the gateway but not from
a workstation on the inside. We were ipforwarding external smtp to an
internal mail server but that doesn't work either. I have temporarily set
up sendmail on the gateway to route the mail to the internal server, which
does work. The weird thing is that I can ping hosts across the gateway with
varying packet sizes, establish a telnet session with a pop server and even
manually do a 'retr' but if I use a mail client it locks up and the pop
server drops the connection. The Internal network is not using 'private'
ip's but the customer owns the class c, it is behind NAT and the network is
not advertised. I have also tried it with the firewall open but to no avail.

Here is the config:

FreeBSD 3.4-RELEASE

ppp.conf

adsl:
 set device PPPoE:rl1
 set mru 1492
 set mtu 1492
 set authname xxxxxxxx
 set authkey xxxxxxxxx
 set speed sync
 enable lqr
 set cd 5
 set dial
 set login
 set redial 0 0
 set ifaddr 0/0 0/0
 add default HISADDR
 nat enable yes
 #nat port tcp 203.34.150.3:25 25
 nat port tcp 203.34.150.3:80 8000
 nat port tcp 203.34.150.2:80 80
 nat port tcp 203.34.150.5:80 8080
 nat port tcp 203.34.150.5:81 8001
 nat port tcp 203.34.150.5:13000 13000
 nat port tcp 203.34.150.5:13001 13001
 nat port tcp 203.34.150.5:13999 13999

ifconfig

rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 203.34.150.1 netmask 0xffffff00 broadcast 203.34.150.255
        ether 00:60:67:06:94:0b
        media: autoselect (100baseTX <half-duplex>)
        supported media: autoselect 100baseTX <full-duplex> 100baseTX <half-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP 10baseT/UTP <half-duplex>
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
        ether 00:60:67:79:61:c2
        media: autoselect
        supported media: autoselect 100baseTX <full-duplex> 100baseTX <half-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP 10baseT/UTP <half-duplex>
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
        inet xxx.xxx.xxx.xxx --> yyy.yyy.yyy.yyy netmask 0xffffff00

Anybody got any ideas - 'cause I have run out.

Thanks

Rob.

