From owner-freebsd-questions Tue Jul 25 13:29:22 2000 Delivered-To: freebsd-questions@freebsd.org Received: from snoopy.brwn.org (intgw1.brwn.org [196.28.127.66]) by hub.freebsd.org (Postfix) with ESMTP id 2E78137B7F1 for ; Tue, 25 Jul 2000 13:29:15 -0700 (PDT) (envelope-from willem@snoopy.brwn.org) Received: by snoopy.brwn.org (Postfix, from userid 1001) id 8629D1D9A; Tue, 25 Jul 2000 22:29:11 +0200 (SAST) Date: Tue, 25 Jul 2000 22:29:11 +0200 From: Willem Brown To: Bruce Pea Cc: freebsd-questions@freebsd.org Subject: Re: ipnat not behaving Message-ID: <20000725222911.E674@snoopy.brwn.org> References: <20000725183810.11611.qmail@hotmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20000725183810.11611.qmail@hotmail.com>; from bruce_pea@hotmail.com on Tue, Jul 25, 2000 at 01:38:10PM -0500 X-Public-Key: http://willem.brwn.org/pubkey.txt X-Chat-Server: http://chat.brwn.org/ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, On Tue, Jul 25, 2000 at 01:38:10PM -0500, Bruce Pea wrote: > > I'm setting up ipnat and am having some problems. > > I have a FreeBSD v4.0 dual homed server with the following setup: > internal network card (fxp0): 192.168.255.1 > external network card (fxp1): 209.xx.xxx.xx > > I have compiled ipfilter into the kernel. > > defaultrouter=209.xx.xxx.xx Is this pointing to the IP of fxp1? or to the IP of the default gateway or uptream router on the fxp1 network? > gateway_enable="YES" > > I have ipf set to pass all both directions. > > My ipnat rules are: > > map fxp1 192.168.0.0/24 -> 0/32 portmap tcp/udp 40000 60000 Shouldn't there be a ":" between 40000 and 60000. ie. 40000:60000 and what happens if you use 209.xx.xxx.xx/32 insead of 0/32? > map fxp1 192.168.0.0/24 -> 0/32 > > When I log on to the server from a workstation I can ping the server at > 192.168.255.1 and I can ping the outside interface 209.xx.xxx.xx but I > cannot ping the router 209.xx.xxx.xx or anything beyond the outside > interface. Try ipnal -l to see if nat is working. > > I have tried using just 'map fxp1 192.0.0/24 -> 0/32' as the only ipnat rule > but it doesn't make any difference. I can't get past the external interface. > I found an archieved message that dealt with the same problem and tried what > was suggested but nothing works. > > What am I missing? > > Bruce > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > Best Regards Willem Brown -- /* =============================================================== */ /* Linux, FreeBSD, NetBSD, OpenBSD. The choice is yours. */ /* =============================================================== */ Killing is wrong. -- Losira, "That Which Survives", stardate unknown To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message