From owner-freebsd-questions Thu Oct 10 13:11:40 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8C2A037B404 for ; Thu, 10 Oct 2002 13:11:38 -0700 (PDT) Received: from excelsystems.com (h24-70-196-170.sbm.shawcable.net [24.70.196.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4B2E243EBE for ; Thu, 10 Oct 2002 13:11:37 -0700 (PDT) (envelope-from hunter@hunter.net) Received: from home [24.70.196.175] by excelsystems.com [127.0.0.1] with SMTP (MDaemon.PRO.v5.0.1.R) for ; Thu, 10 Oct 2002 13:05:23 -0700 Message-Id: <4.2.0.58.20021010130144.00bc7a10@192.168.0.64> X-Sender: hunter#pop.islandnet.com@192.168.0.64 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Thu, 10 Oct 2002 13:10:33 -0700 To: freebsd-questions@freebsd.org From: Marc Hunter Subject: ipfw and natd during internal to internal access ... In-Reply-To: <007001c2708c$b8386070$0650fea9@highcross> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-MDRemoteIP: 24.70.196.175 X-Return-Path: hunter@hunter.net X-MDaemon-Deliver-To: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, We have just implemented an ipfw and natd firewall and generally it works great. We are using natd for traffic going out and to redirect outside traffic on port 80 to a particular webserver. However, when a machine within the network attempts to access the web server through its external address (using the domain name for instance) it doesn't work. Is there some special trick to deal with this? An example to summarize: Firewall - External IP: 24.70.100.100 - Internal IP: 192.168.0.64 Webserver - IP: 192.168.0.128 User machine - IP: 192.168.0.200 We have a domain mapped to 24.70.100.100, and when the web request is initiated from outside the network, it all works fine, from inside, it fails. Inside access to the rest of the web works fine (so natd is working going out and the redirect_port is working for those coming in). Any tips? Thanks! Marc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message