Date: Tue, 04 Jan 2000 11:14:53 -0500 From: "James A. Mutter" <jmutter@commercialmovers.com> To: freebsd-questions@freebsd.org Subject: Need some help with NAT Message-ID: <38721C7D.98FB7588@commercialmovers.com>
next in thread | raw e-mail | index | archive | help
I seem to be having a brain fart here getting NAT setup - I'm looking for some help. We're implementing NAT on the BSD box because it's breaking our Ascend P130 - so I don't need to do firewalling or packet filtering (Yet). I'd like to get this all up and running using the 'ipfilter' package so that implementing a firewall will be easy later on down the road. Here's what I've got so far: Kernel Options: IPFIREWALL IPFIREWALL_DEFAULT_TO_ACCEPT IPDIVERT IPFILTER IPSTEALTH (We'll use this later) TCP_DROP_SYNFIN (Again, we'll use this later) TCP_RESTRICT_RST (We'll use this later also) "ICMP_BANDLIM" In rc.conf we've got this: gateway_enable="YES" In rc.local we've got the following entries: /sbin/ipf -Fa -f /etc/ipf.rules -E /sbin/ipnat -CF -f /etc/ipnat.rules Finally, we've tried 2 different NIC combos - 1st try was 2NIC's, 2IP's, both plugged into the same LAN - That didn't work very well. 2nd try was 1NIC pn0=192.196.1.1 pn0:1=204.XXX.XXX.XXX - That doesn't seem to be working either. As soon as I activate the 'ipnat' rules the machine becomes inaccessible. However, pings from another machine on the network reveal something interesting (when ipnat is enabled) Pings are sent to the internal interface and returned by the external interface. Any ideas here? Thanks again, Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38721C7D.98FB7588>