Date: Thu, 12 Jan 2006 10:43:21 -0500 From: "fbsd_user" <fbsd_user@a1poweruser.com> To: "cedric Gross" <cgross@2blc.Com>, <freebsd-questions@freebsd.org> Subject: RE: IpNat and 3 NIC Message-ID: <MIEPLLIBMLEEABPDBIEGIEGFHLAA.fbsd_user@a1poweruser.com> In-Reply-To: <20060112145707.76A8D6D667@bruce.cnv.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
You have ipnat statements wrong. should be liked this map vr0 10.0.0.0/8 -> 0.32 proxy port ftp ftp/tcp map vr0 10.0.0.0/8 -> 0.32 portmap tcp/udp 20000:60000 map vr0 10.0.0.0/8 -> 0.32 map vr0 192.168.0.0/30 -> 0.32 portmap tcp/udp auto map vr0 192.168.0.32/27 -> 0.32 portmap tcp/udp auto map vr0 192.168.0.32/27 -> 0.32 map vr0 192.168.0.96/27 -> 0.32 portmap tcp/udp auto map vr0 192.168.0.96/27 -> 0.32 rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp Note map vr1 has been changed to vr0 If your public IP 84.96.23.106 is not dedicated to you by your ISP, then you should not be hard coding it in your IPnat rules. Read the Freebsd ipfilter documentation in the handbook for details. 0.32 = The IP address/netmask assigned by your ISP. The special keyword 0.32 tells ipnat to get the current public IP address of the interface specified on this statement and substitute it for the 0.32 keyword. -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of cedric Gross Sent: Thursday, January 12, 2006 9:58 AM To: freebsd-questions@freebsd.org Subject: IpNat and 3 NIC Hello, I have my FreeBSD 5.4 box with 3 NIC : Xl0 LAN with network 10.0.0.0/8 and 192.168.0.0/30 VR0 Wan 84.96.23.106/32 VR1 LAN with network 192.168.0.32/27 and 192.168.0.96/27 I use IPNAT and Ip filter. I'm doing NAT from Xl0 to Vr0, it's working fine I'm trying to do the same thing with vr1 to Vr0 but it's seems that traffic coming from vr1 are not translated. Is there a interface limitation with IPNAT ? Is there a way to do translation from both NIC ? Here is my ipnat.conf : map vr0 10.0.0.0/8 -> 84.96.23.106/32 proxy port ftp ftp/tcp map vr0 10.0.0.0/8 -> 84.96.23.106/32 portmap tcp/udp 20000:60000 map vr0 10.0.0.0/8 -> 84.96.23.106/32 map vr0 192.168.0.0/30 -> 84.96.23.106/32 portmap tcp/udp auto map vr1 192.168.0.32/27 -> 84.96.23.106/32 portmap tcp/udp auto map vr1 192.168.0.32/27 -> 84.96.23.106/32 map vr1 192.168.0.96/27 -> 84.96.23.106/32 portmap tcp/udp auto map vr1 192.168.0.96/27 -> 84.96.23.106/32 rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp Thanks for help. Cedric _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGIEGFHLAA.fbsd_user>