From owner-freebsd-questions  Thu Jun 21 13: 9:17 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id E483937B401
	for <freebsd-questions@FreeBSD.ORG>; Thu, 21 Jun 2001 13:09:14 -0700 (PDT)
	(envelope-from nick@rogness.net)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f5LLVik16143;
	Thu, 21 Jun 2001 16:31:44 -0500 (CDT)
	(envelope-from nick@rogness.net)
Date: Thu, 21 Jun 2001 16:31:43 -0500 (CDT)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: Chuck Rock <carock@epconline.net>
Cc: freebsd-questions@FreeBSD.ORG
Subject: RE: Natd and IPFW ( I think I've asked before with no help)...
In-Reply-To: <003101c0fa8a$46041f40$1805010a@epconline.net>
Message-ID: <Pine.BSF.4.21.0106211626460.13834-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Thu, 21 Jun 2001, Chuck Rock wrote:

> I misunderstood my techs...
> 
> The forwarding of aliased IP's is working fine. The port forwarding for
> aliased IP's they couldn't get working.
> 
> I'm going to make sure we've tried all the possible commands for forwarding
> ports before I post again.
> 
> What I'm told now is that the aliased real IP's on an interface can't be
> forwarded by port number to an internal IP.
> 
> xl0 has inet=206.206.206.206 and alias IP of 206.206.206.207 and they want
> to forward port 80 coming into the alias ip 206.206.206.207 to 10.0.0.1 and
> port 25 coming into 206.206.206.207 to 10.0.0.2

	Add the following options to your nat configuration:

	redirect_port tcp 10.0.0.1:80 206.206.206.207:80
	redirect_port tcp 10.0.0.2:25 206.206.206.207:25

> 
> They haven't figured out how to get this working. If anyone has succesfully
> done this, a little help figuring out which of the three port forwarding
> command sytax's to use would be great.
> 

	You should also be doing proxy-arp for the 206.206.206.207 IP or
	it MAY not work from the outside world.


Nick Rogness <nick@rogness.net>
 - Keep on Routing in a Free World...
  "FreeBSD: The Power to Serve!"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message