Date: Tue, 25 Jul 2000 18:15:12 CDT From: "Bruce Pea" <bruce_pea@hotmail.com> To: willem@brwn.org, freebsd-questions@freebsd.org Subject: Re: ipnat still not behaving Message-ID: <20000725231512.33573.qmail@hotmail.com>
next in thread | raw e-mail | index | archive | help
OK, I put the colon in between 40000:60000 and I changed my ipnat rule to: map fxp1 192.168.0.0/24 -> 209.16.xxx.xx/32 portmap tcp/udp 40000:60000 map fxp1 192.168.0.0/24 -> 209.16.xxx.xx/32 where 209.16.xxx.xx is the ip number of fxp1 the interface to the internet. I rebooted, logged in from a workstation and tried to ping a server on the internet from the workstation. No luck! I can ping both internal and external interfaces on our server (192.168.255.1 and 209.16.xxx.xx) but I can't ping the upstream router that the external card is connected to. Now I can log in to the server and I can ping the world from the console but for some reason I can't get beyound the external interface when I try to ping from a workstation. I also ran ipnat -l to see if ipnat was running and got the following: List of active MAP/Redirect filters: map fxp1 192.168.0.0/24 -> 209.16.xxx.xx/32 List of active sessions: I've checked everything I can think of. Does anyone have any ideas? Thanks - Bruce >From: Willem Brown <willem@brwn.org> >To: Bruce Pea <bruce_pea@hotmail.com> >CC: freebsd-questions@freebsd.org >Subject: Re: ipnat not behaving >Date: Tue, 25 Jul 2000 22:29:11 +0200 > >Hi, > > >On Tue, Jul 25, 2000 at 01:38:10PM -0500, Bruce Pea wrote: > > > > I'm setting up ipnat and am having some problems. > > > > I have a FreeBSD v4.0 dual homed server with the following setup: > > internal network card (fxp0): 192.168.255.1 > > external network card (fxp1): 209.xx.xxx.xx > > > > I have compiled ipfilter into the kernel. > > > > defaultrouter=209.xx.xxx.xx > >Is this pointing to the IP of fxp1? or to the IP of the default gateway or >uptream router on the fxp1 network? > > > gateway_enable="YES" > > > > I have ipf set to pass all both directions. > > > > My ipnat rules are: > > > > map fxp1 192.168.0.0/24 -> 0/32 portmap tcp/udp 40000 60000 > >Shouldn't there be a ":" between 40000 and 60000. ie. 40000:60000 and what >happens >if you use 209.xx.xxx.xx/32 insead of 0/32? > > > map fxp1 192.168.0.0/24 -> 0/32 > > > > When I log on to the server from a workstation I can ping the server at > > 192.168.255.1 and I can ping the outside interface 209.xx.xxx.xx but I > > cannot ping the router 209.xx.xxx.xx or anything beyond the outside > > interface. > >Try ipnal -l to see if nat is working. > > > > > I have tried using just 'map fxp1 192.0.0/24 -> 0/32' as the only ipnat >rule > > but it doesn't make any difference. I can't get past the external >interface. > > I found an archieved message that dealt with the same problem and tried >what > > was suggested but nothing works. > > > > What am I missing? > > > > Bruce > > > > ________________________________________________________________________ > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > >Best Regards >Willem Brown > >-- > /* =============================================================== */ > /* Linux, FreeBSD, NetBSD, OpenBSD. The choice is yours. */ > /* =============================================================== */ > >Killing is wrong. > -- Losira, "That Which Survives", stardate unknown ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000725231512.33573.qmail>