Date:      Wed, 20 Dec 2000 00:56:29 -0800
From:      "Crist J. Clark" <cjclark@reflexnet.net>
To:        Thomas Uhrfelt <thomas.uhrfelt@plymovent.se>
Cc:        "'freebsd-questions@freebsd.org'" <freebsd-questions@FreeBSD.ORG>
Subject:   Re: NATD redirect part II
Message-ID:  <20001220005629.Q96105@149.211.6.64.reflexcom.com>
In-Reply-To: <01C06A67.AA3BDEC0.thomas.uhrfelt@plymovent.se>; from thomas.uhrfelt@plymovent.se on Wed, Dec 20, 2000 at 09:31:42AM +0100
References:  <01C06A67.AA3BDEC0.thomas.uhrfelt@plymovent.se>

On Wed, Dec 20, 2000 at 09:31:42AM +0100, Thomas Uhrfelt wrote:
> Due to my somewhat confusing post about getting help with telnet redirects 
> I have decided to put a more extensive description of my setup and problem 
> for review by the people subscribing to this list.
> 
> I manage two (2) FreeBSD gateways on separate locations, both handling an 
> internal 192.168.*.* network - the traffic is tunneled using pipsecd 
> between these networks.
> 
> Network topology
> --------------------
> 192.168.1.*----192.168.1.254(FREEBSD1)A.B.C.D---(I N T E R N E T)---E.F.G.H(FREEBSD2)192.168.10.254---192.168.10.10(TELNETMACHINE)
> 
> 
> Problem description
> ------------------------
> 
> I want to allow people outside on the internet telnet access to the machine 
> above called TELNETMACHINE. Both FreeBSD gateways are using ipfw+natd for 
> NAT and Firewalling. I have tried using the directives: -redirect_port tcp 
> 192.168.10.10:23 8888 and -redirect_port udp 192.168.10.10:23 8888 on the 
> FREEBSD2 machine then tried to telnet into E.F.G.H on port 8888 (while 
> using tcpdump on both the external and internal interface on FREEBSD) but I 
> get no response. And the tcpdump shows the telnet from outside reaching 
> FREEBSD2 but there is no activity whatsoever on the internal interface - 
> which in my opinion shows that I am making some fundamental error trying to 
> get natd to behave and redirect the telnet session. I am inclined to think 
> that I am the one being a moron here and that it's not due to a bug in 
> natd.
> 
> Any pointers? I was thinking about giving up and using bounce until I saw 
> that it's only able to "bounce" tcp and not udp packets.

Telnet does not use UDP. This is/will not be an issue.

> There gotta be 
> someone out there with a similar problem like mine that has been solved.. 
> right?

Sounds like there is a good chance it is being blocked by your
firewall. What do your rules look like?
-- 
Crist J. Clark                           cjclark@alum.mit.edu

