Date:      Sat, 18 Nov 2000 14:58:06 -0800
From:      "Crist J . Clark" <cjclark@reflexnet.net>
To:        Fabrizzio Batista <Fabrizzio.Batista@lojasobino.com.br>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: NAT with redirect_port
Message-ID:  <20001118145806.J9740@149.211.6.64.reflexcom.com>
In-Reply-To: <001e01c051b1$5bea0ae0$65010180@lojasobino.com.br>; from Fabrizzio.Batista@lojasobino.com.br on Sat, Nov 18, 2000 at 08:46:13PM -0200
References:  <000701c050d1$afc84ae0$65010180@lojasobino.com.br> <20001117222040.H9740@149.211.6.64.reflexcom.com> <001e01c051b1$5bea0ae0$65010180@lojasobino.com.br>

On Sat, Nov 18, 2000 at 08:46:13PM -0200, Fabrizzio Batista wrote:
> 
> ----- Original Message -----
> From: Crist J . Clark <cjclark@reflexnet.net>
> To: Fabrizzio Batista <Fabrizzio.Batista@lojasobino.com.br>
> Cc: <freebsd-questions@FreeBSD.ORG>
> Sent: Saturday, November 18, 2000 4:20 AM
> Subject: Re: NAT with redirect_port
> 
> 
> > On Fri, Nov 17, 2000 at 06:05:06PM -0200, Fabrizzio Batista wrote:
> > >
> > >     Hi gurus,
> > >
> > >     I'm using NAT with redirect_port in SMTP and everything is fine when the
> > > clients are out of my internal net. But when I try to access my internal
> > > Server from an internal client, the redirect_port in natd does not work.
> > >
> > > 200.12.1.1   200.12.1.2        192.168.1.2                192.168.1.1
> > > Internet -------> Server With NAT ---------> SMTP Server
> > >     From 200.12.1.1 : telnet 200.12.1.2 25 -> It works
> > >
> > > 200...    192.168.1.2/ ----------Internal Client
> > > Server With NAT -----------> SMTP Server  -> DOES NOT WORK
> > >     From 192.168.1.3: telnet 200.12.1.2 25 -> It does not work
> > >
> > > natd -n rl0 -redirect_port 192.168.1.1:25 25
> > >
> > > So, can anybody help me?
> >
> > When someone tries to access the internal server from the internal
> > network, it goes to the NAT machine which accepts the packet. It is
> > never run through the natd(8) process since the packet never gets
> > processed on the external interface (the one with the divert(4) rule).
> >
> > It is very ugly to try to fix this. It is much easier to use the
> > local name on the internal machines. If you really want to go the
> > other way, it involves running another instance of natd(8) on the
> > internal interface.
> > --
> > Crist J. Clark                           cjclark@alum.mit.edu
> >
> 
>     I have tried to use NAT on two interfaces, but it looks like it only works
> on one interface. When I try to use it on two interfaces, only the first one
> works.
>     I added another divert rule for the new interface in the ipfw rules.
> 
>     Do you have any idea?

And you used a different port for the new divert rule? That is, the
rule diverts to a different port and the second natd process listens
on this other port?
-- 
Crist J. Clark                           cjclark@alum.mit.edu
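
As an added example (not part of the thread and not FreeBSD's own tooling), a shell check for the condition asked about above: each ipfw divert rule should point at its own port, with exactly one natd reading that port. The internal interface name rl1, the port 8669 and all sample rules and command lines are constructed assumptions; 8668 is natd's default divert port.

```shell
# Added example (not from the thread). Pairs ipfw divert rules with natd
# processes by divert port. Assumed names: rl1 (internal interface), 8669.

# check_divert RULES PROCS
#   RULES: rules in `ipfw list` style; PROCS: natd command lines, one per line
check_divert() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk '
    function portnum(p) { return (p == "natd") ? "8668" : p }  # /etc/services name
    /^---$/ { procs = 1; next }
    !procs {                       # ipfw rule: "divert <port> ... via <if>"
        port = ""; ifn = "?"
        for (i = 1; i < NF; i++) {
            if ($i == "divert") port = portnum($(i + 1))
            if ($i == "via") ifn = $(i + 1)
        }
        if (port != "") { nrule[port]++; rif[port] = rif[port] " " ifn }
        next
    }
    /natd/ {                       # natd command line; -p defaults to 8668
        port = "8668"
        for (i = 1; i < NF; i++)
            if ($i == "-p" || $i == "-port") port = portnum($(i + 1))
        nproc[port]++
    }
    END {
        for (p in nrule) {
            if (nrule[p] > 1) print "SHARED " p ": divert rules via" rif[p]
            if (!(p in nproc)) print "UNSERVED " p ": no natd reads this port"
            else if (nproc[p] > 1) print "DUPLICATE " p ": " nproc[p] " natd processes"
            else if (nrule[p] == 1) print "OK " p ": via" rif[p]
        }
    }' | sort
}

# Constructed sample: second rule and second natd both left on the default port.
BAD_RULES='00050 divert 8668 ip from any to any via rl0
00060 divert 8668 ip from any to any via rl1'
BAD_PROCS='natd -n rl0 -redirect_port 192.168.1.1:25 25
natd -n rl1'

# Constructed sample: each interface has its own divert port and its own natd.
GOOD_RULES='00050 divert natd ip from any to any via rl0
00060 divert 8669 ip from any to any via rl1'
GOOD_PROCS='natd -n rl0 -redirect_port 192.168.1.1:25 25
natd -p 8669 -n rl1'

check_divert "$BAD_RULES" "$BAD_PROCS"
check_divert "$GOOD_RULES" "$GOOD_PROCS"
```

On a live system the two arguments would come from `ipfw list` and the natd lines of `ps -axww`.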

