From owner-freebsd-questions@FreeBSD.ORG Thu Aug 3 23:33:53 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CEB0A16A4DA for ; Thu, 3 Aug 2006 23:33:53 +0000 (UTC) (envelope-from MTaylor@bytecraft.com.au) Received: from wolf.bytecraft.au.com (wolf.bytecraft.au.com [203.39.118.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6183E43D4C for ; Thu, 3 Aug 2006 23:33:51 +0000 (GMT) (envelope-from MTaylor@bytecraft.com.au) Received: from localhost (localhost [127.0.0.1]) by wolf.bytecraft.au.com (8.12.11/8.12.11) with ESMTP id k73NXmSV014710; Fri, 4 Aug 2006 09:33:48 +1000 (EST) (envelope-from MTaylor@bytecraft.com.au) Received: from wolf.bytecraft.au.com ([127.0.0.1]) by localhost (wolf.bytecraft.au.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 11739-07; Thu, 3 Aug 2006 23:33:21 +0000 (GMT) Received: from svmarshal.bytecraft.au.com ([10.0.0.4]) by wolf.bytecraft.au.com (8.12.11/8.12.11) with ESMTP id k73NXHkb014395; Fri, 4 Aug 2006 09:33:17 +1000 (EST) (envelope-from MTaylor@bytecraft.com.au) Received: from svmailmel.bytecraft.internal (Not Verified[10.0.0.24]) by svmarshal.bytecraft.au.com with MailMarshal (v5, 0, 3, 78) id ; Fri, 04 Aug 2006 09:33:17 +1000 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Date: Fri, 4 Aug 2006 09:33:16 +1000 Message-ID: <04E232FDCD9FBE43857F7066CAD3C0F11EEC93@svmailmel.bytecraft.internal> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Adding a FreeBSD Gateway on a DSL/ ATM circuit Thread-Index: Aca3K+D3ry4vElzIT0C6adJGhit0VwAKMKig From: "Murray Taylor" To: , Cc: Subject: RE: Adding a FreeBSD Gateway on a DSL/ ATM circuit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Aug 2006 23:33:53 -0000 look at the defaults in /etc/defaults/rc.conf specifically look for lines with gateway in them ie gateway_enable=3D"NO" copy the appropriate lines into /etc/rc.conf edit =20 ie gateway_enable=3D"YES" You will need to set the the default_route line also to point=20 to the isp I think ... HTH mjt > -----Original Message----- > From: owner-freebsd-questions@freebsd.org=20 > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of=20 > admin@hdk5.com > Sent: Friday, 4 August 2006 4:36 AM > To: freebsd-questions@freebsd.org > Subject: Adding a FreeBSD Gateway on a DSL/ ATM circuit >=20 > Aloha, >=20 > My current problem is that I need to use a box as a FreeBSD=20 > 6.* gateway/firewall to the internet protecting an MS box=20 > that is in the office for doing a lot of photo work and=20 > uploading to servers for the company my wife works with. I=20 > was going to use a freesco (Linux)disk=20 > /firewall/gateway/router like I have on my single dsl 1.5/384 line.=20 > (This is currently what is protecting the MS box on this circuit.) >=20 > However, the freesco setup does not work as a gateway on the=20 > leg of the ATM 5 IP circuit where we want to move the MS box=20 > to. I have tried to get it setup and have emailed the freesco=20 > lists and apparently no one has accomplished this. >=20 > I have now built a FreeBSD box with 2 nics to use as a=20 > gateway/router/firewall between the single MS box and the=20 > internet. ed1 is on the 66.xxx.132.236 leg of the ATM. The=20 > defaultgateway on the internet side of the ATM is 66.xxx.132.233. > The LAN side of the box ed0 is 192.168.1.1 to which the MS=20 > box is directed. ( I am using a test box 192.168.1.29 with=20 > FreeBSD 6* in place of the MS box at this point.) >=20 > I can ping from the gateway box nic to the internet ok. I can=20 > ping from the Test box to the Lan side of the gateway box OK.=20 > I cant reach the internet thru the gateway. I have read=20 > probably 5 howtos from the FreeBSD hand book and elsewhere=20 > and none are exactly what I am doing. >=20 > On FreeBSD Questions list recently there was a similar issue=20 > question posted but no body answered the post. >=20 > It had to do with rc.conf >=20 > Listing both Nics ifconfig_ed0 =3D66.xxx.132.236 netmask > 255.255.255.248 #inet side > ifconfig -ed1=3D192.168.1.1 netmask = > 255. 255.255.0 # lan side > and gateway_enable=3D"YES" which=20 > I have done. >=20 > At this point I have not attempted a firewall PF or IPFW=20 > since I cant reach the internet thru the gateway and I want=20 > to understand what is not right with this setup first. >=20 > If I use: route add -net 192.168.1 .29 192.168.1.1 >=20 > I can no longer ping the Lan side of the gateway from the test box. >=20 > Can you direct me to or give me a howto on setting this up so=20 > I can reach the internet if indeed its possible using a=20 > gateway/firewall on the leg of an ATM circuit? Any help would=20 > be appreciated. >=20 > Thanks, >=20 > Al Plant - Honolulu, Hawaii >=20 > - Admin -- http://hawaiidakine.com -- http://hdk5.com -- > -- http://internetohana.org -- http://freeBSDinfo.org -- +=20 > Supporting open source computing - FreeBSD 6.* + >=20 >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to=20 > "freebsd-questions-unsubscribe@freebsd.org" >=20 > ***This Email has been scanned for Viruses by MailMarshal.*** >=20 --------------------------------------------------------------- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material.=20 E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --------------------------------------------------------------- ***This Email has been scanned for Viruses by MailMarshal.***