Date: Wed, 18 Jul 2001 14:45:36 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Dave <dave@reason.za.org> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: IPNAT Message-ID: <20010718143709.U18511-100000@cactus.fi.uba.ar> In-Reply-To: <001501c10fae$c5f9e7a0$3400a8c0@mandy>
next in thread | previous in thread | raw e-mail | index | archive | help
Do you use proxy arp? You need to proxy ARP on the external NIC, bindig the external IP to the MAC of external NIC of the firewall. You shouldnt configure a.b.c.25 as an alias on rl0. arp -S a.b.c.25 <MAC of rl0> pub Fer On Wed, 18 Jul 2001, Dave wrote: > *Notices the lack of information on his behalf* > > 192.168.10.10 is a NT IIS server, > a.b.c.20 is the firewalls main address, *does web aswell etc* > ifconfig rl0 shows that a.b.c.25 is also up. > ipnat -l shows that a connection is made when i request one, > but nothing is returned. (Tested this from a dialup and the local box.) > > Strange thing is, it works on ONE box, a.b.c.102. I goto a.b.c.25 and it > gets the correct page and everything. > > I cant imaging why, no special settings, stock standard FBSD 4.3-STABLE box. > Both of them. > > Any more ideas? > > > > > > I already do nat for the whole 192.168.0.0/24 network, which works, > > > but I cant get it to do the bimap. My normal ip is .20 but I have > added > > > .25 to use for the bimap. > > > > confirm that a.b.c.25 is bound to the external interface (i.e. whichever > > interface is visible to the outside world) and that the bimap rule is > placed > > before the map rule... > > > > in /etc/ipnat.rules > > -> bimap rules > > -> rdr rules > > -> map rule > > > > Phil > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010718143709.U18511-100000>