Date: Thu, 18 Oct 2001 21:05:22 -0500 (CDT)
From: Nick Rogness <nick@rogness.net>
To: Mike Semcheski <jimmyjump77@hotmail.com>
Cc: freebsd-ipfw@FreeBSD.ORG
Subject: Re: ipfw and nat setup
Message-ID: <Pine.BSF.4.21.0110182102430.62131-100000@cody.jharris.com>
In-Reply-To: <OE33sCnQ13eZZfm95Ly00011a38@hotmail.com>

On Tue, 18 Dec 2001, Mike Semcheski wrote:

[snip]
>
> Here's my situation: Right now, I have a FreeBSD 4.2 box with two
> NIC's. fxp0 is hooked up via crossover to a Win2k box. tl0 is hooked
> up (via a long cat-5) to my DSL router. I have a static IP (go
> Speakeasy!). I am running among other things, ipfw, natd and named.
> The Win2k's primary DNS is the FreeBSD box. Win2k can resolve names
> with no problem, and can also ping tl0 with no problem. The FreeBSD
> box is on the network, and can reach the outside world. The Win2k box
> can resolve a name but can not access it. To me, either natd is not
> aliasing this connection correctly or ipfw is blocking its
> connections. I have tried a lot of different rules for ipfw, I have
> not put a lot into setting up natd (other than natd_enable="yes"
> natd_interface="fxp0" and natd_flags="-log -dynamic". I use
> firewall_type="open". I have net.inet.ip.fw.verbose=1, and
> firewall_logging="yes".

In /etc/rc.conf you should have:

    gateway_enable="YES"
    firewall_enable="YES"
    firewall_type="OPEN"
    natd_enable="YES"
    natd_interface="tl0"

It looks as if you are running natd on the wrong interface...it should
be the outside interface tl0, NOT fxp0.

Nick Rogness <nick@rogness.net>
 - Keep on Routing in a Free World...
  "FreeBSD: The Power to Serve!"
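
Added example, not part of the original thread: a small sh check that an rc.conf-style file carries the gateway settings listed in the reply and that natd_interface names the outside interface. The function names (rc_value, is_yes, check_nat_gateway) are hypothetical, the outside interface is passed in as an argument, and the sample file is constructed from the settings quoted in the question.

```shell
#!/bin/sh
# Added example (not from the original thread): check an rc.conf-style file
# for the NAT gateway settings listed in the reply above.

# rc_value FILE KEY: print the last value assigned to KEY, quotes stripped.
rc_value() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#]*\)[\"']\{0,1\}.*/\1/p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# is_yes VALUE: true for the spellings rc.subr's checkyesno accepts as enabled.
is_yes() {
    case $1 in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# check_nat_gateway FILE OUTSIDE_IF: print each problem; the exit status is
# the number of problems found (0 means the file matches the reply's advice).
check_nat_gateway() {
    conf=$1 outside_if=$2 problems=0
    for key in gateway_enable firewall_enable natd_enable; do
        if ! is_yes "$(rc_value "$conf" "$key")"; then
            echo "PROBLEM: $key is not enabled"
            problems=$((problems + 1))
        fi
    done
    nat_if=$(rc_value "$conf" natd_interface)
    if [ "$nat_if" != "$outside_if" ]; then
        echo "PROBLEM: natd_interface is \"$nat_if\", outside interface is \"$outside_if\""
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample holding only the settings quoted in the question.
sample=$(mktemp)
cat > "$sample" <<'EOF'
natd_enable="yes"
natd_interface="fxp0"
natd_flags="-log -dynamic"
firewall_type="open"
firewall_logging="yes"
EOF
check_nat_gateway "$sample" tl0 || echo "$? problem(s) found"
rm -f "$sample"
```

On a live FreeBSD system the outside interface to pass as the second argument is the one shown on the "interface:" line of `route -n get default`.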
