Date:      Thu, 22 Mar 2001 12:45:14 -0600
From:      "Mike Blend" <admin@treasure.yi.org>
To:        <freebsd-questions@freebsd.org>
Subject:   IPFW/NATD Scenario
Message-ID:  <PIEHIJCHILMFAJEFGEBNAEEBCAAA.admin@treasure.yi.org>

I'm new to both FreeBSD and NAT, so please bear with me.

With the help of a net-friend I have successfully set up a FreeBSD 4.2
machine with 2 NICs, one for an internal connection and one for an external
connection. The machine is acting as a firewall/gateway for the internal
network.  It all appears to be functioning properly at this point.

Here's what I want to do, and how I understand how it needs to be done:

I have a Win2000 server hosting mail and web for 4 domains.  That machine
has 4 internet IP addresses assigned to its external NIC.  Each one of those
ip addresses is for one domain. The web and mail servers for each domain
point to one of those ips.

What I want to do (I think) is replace the external ips on the win2000 box
with internal ips…10.0.0.x - and I want to have my new FreeBSD box accept
the incoming traffic to my 4 external ips and route that traffic to the
correct internal ip on the win2000 server….using one-to-one NAT if I
understand correctly.  At that point I will be able to control the traffic
to the web/mail server by allowing only those ports and services that I
need.

I want to make sure that I've got the right idea, and if so, could someone
please explain to me (or direct me to documentation) how to assign those 4
additional external ip addresses to the external NIC in my FreeBSD box?

Comments, thoughts, suggestions?  Any help is GREATLY appreciated. Thanx in
advance.

Jim Sparks
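
The layout described in the message above (extra public addresses aliased onto the gateway's external NIC, one-to-one NAT to internal addresses, and only the needed ports admitted), sketched as an added example that is not part of the original post. The interface name fxp0, the 203.0.113.x and 10.0.0.x addresses and the port list are constructed assumptions; the output is meant to be merged into an existing natd/ipfw setup, with natd reading /etc/natd.conf via natd_flags="-f /etc/natd.conf".

```shell
#!/bin/sh
# Added example. All addresses are constructed (RFC 5737 / RFC 1918) and the
# interface name is an assumption; nothing here comes from the original post.
EXT_IF="fxp0"    # assumed name of the external NIC
PORTS="25,80"    # assumed published services: SMTP and HTTP only
# One "public:internal" pair per hosted domain (constructed values).
MAP="203.0.113.11:10.0.0.11 203.0.113.12:10.0.0.12
     203.0.113.13:10.0.0.13 203.0.113.14:10.0.0.14"

# /etc/rc.conf: bind each additional public address to the external NIC.
# A /32 netmask is used because the aliases are assumed to share the
# primary address's subnet.
gen_rc_conf() {
    n=0
    for pair in $MAP; do
        printf 'ifconfig_%s_alias%d="inet %s netmask 255.255.255.255"\n' \
            "$EXT_IF" "$n" "${pair%%:*}"
        n=$((n + 1))
    done
}

# /etc/natd.conf: static one-to-one mappings, "redirect_address localIP publicIP".
gen_natd_conf() {
    for pair in $MAP; do
        printf 'redirect_address %s %s\n' "${pair##*:}" "${pair%%:*}"
    done
}

# ipfw commands: once natd has rewritten the destination, admit only the
# published ports to each internal address and drop the rest from outside.
gen_ipfw_rules() {
    printf 'ipfw add 100 divert natd all from any to any via %s\n' "$EXT_IF"
    printf 'ipfw add 200 allow tcp from any to any established\n'
    rule=300
    for pair in $MAP; do
        int="${pair##*:}"
        printf 'ipfw add %d allow tcp from any to %s %s in via %s setup\n' \
            "$rule" "$int" "$PORTS" "$EXT_IF"
        printf 'ipfw add %d deny ip from any to %s in via %s\n' \
            "$((rule + 1))" "$int" "$EXT_IF"
        rule=$((rule + 10))
    done
}

echo "# --- /etc/rc.conf ---";   gen_rc_conf
echo "# --- /etc/natd.conf ---"; gen_natd_conf
echo "# --- ipfw rules ---";     gen_ipfw_rules
```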
