Date: Tue, 5 Oct 1999 10:07:21 -0500 (CDT) From: Chris Dillon <cdillon@wolves.k12.mo.us> To: Yusuf Goolamabbas <yusufg@outblaze.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Trying to achieve zen with natd Message-ID: <Pine.BSF.4.10.9910050955230.37431-100000@mail.wolves.k12.mo.us> In-Reply-To: <19991005045350.11294.qmail@yusufg.portal2.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The freebsd-net mailing list has been trimmed, since it probably isn't wholly appropriate to this question: On 5 Oct 1999, Yusuf Goolamabbas wrote: > Hi, I have a FreeBSD 3.3-stable box with 2 NIC cards each bound to > static IP's and different ISP WAN interfaces (fxp0 and fxp1) > fxp0 is connected to a /25 network > fxp1 is connected to a /26 network > > Default router is fxp1 That doesn't really make any sense... Is fxp1 attached to your private network, or the public network? > I would like to configure this box to act as a NATD box. Set the right > kernel config and recompile the kernel > > /etc/rc.conf > > gateway_enable="YES" > firewall_enable="YES" > firewall_type="open" > natd_enable = "YES" > natd_interface = "fxp1" #Assuming this will take the public interface > natd_flags = "-u" The natd_interface does indeed take the public interface, but that isn't what you seem to be indicating below.... > I did the following in /etc/rc.local > > ifconfig fxp1 alias 192.168.0.1 netmask 255.255.255.0 You don't need to, and probably shouldn't, do this in /etc/rc.local. Add a line like this to /etc/rc.conf: ifconfig_fxp1_alias0="inet 192.168.0.1 netmask 255.255.255.0" > Setup a Windows box with IP 192.168.0.2 and gateway 192.168.0.1 > I can ping the gateway box, however I can't seem to get out to either > the /25 network or the /26 network This would seem to indicate fxp1 is your private interface, not the public interface. If so, change natd_interface to fxp0 (assuming it is your public interface). You appear to have everything else correct. If you are attempting to put the machines to be NATted (is that a new verb?) on the public network but part of an unregistered subnet, that is possible, but you would need to specify natd_interface="the.public.ip.address" instead of the interface name. > What am I missing ?? > > Thanks, Yusuf > > -- > Yusuf Goolamabbas > yusufg@outblaze.com -- Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net FreeBSD: The fastest and most stable server OS on the planet. For Intel x86 and Alpha architectures (SPARC under development). ( http://www.freebsd.org ) "One should admire Windows users. It takes a great deal of courage to trust Windows with your data." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9910050955230.37431-100000>