From owner-freebsd-questions Mon Oct 23 10:21:53 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from snoopy.brwn.org (intgw1.brwn.org [196.28.127.66])
    by hub.freebsd.org (Postfix) with ESMTP id 3DB4537B479
    for ; Mon, 23 Oct 2000 10:21:49 -0700 (PDT)
Received: by snoopy.brwn.org (Postfix, from userid 1000)
    id 4F20D3ABC; Mon, 23 Oct 2000 19:21:41 +0200 (SAST)
Date: Mon, 23 Oct 2000 19:21:41 +0200
From: Willem Brown
To: marcus.lam@coresolutions.com
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: PPP NAT problems
Message-ID: <20001023192141.T40098@snoopy.brwn.org>
References:
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: ; from marcus.lam@coresolutions.com on Mon, Oct 23, 2000 at 10:08:45AM +0800
X-Public-Key: http://willem.brwn.org/pubkey.txt
X-Chat-Server: http://chat.brwn.org/
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi,

On Mon, Oct 23, 2000 at 10:08:45AM +0800, marcus.lam@coresolutions.com wrote:
> Hello,
>
> I have a FreeBSD box set up with PPPoE set up and it's running fine. no
> problem.
>
> Now I want to share this connection with other NT boxes I have. For some
> reason I can ping from a NT box to the outside world but I cannot get real
> connection, let's say a HTTP connection, to the outside world.
>
> I am using ipfilter for NAT purposes. And the configuration is like this:
> ==========================================================================
> map tun0 192.168.0.0/16 -> 0.0.0.0/32 portmap tcp/udp 40000:65000
> map tun0 192.168.0.0/16 -> 0.0.0.0/32
This might be your problem.^^^^^^^^^^^^

It should be 0/0 not 0.0.0.0/32. You can also use the interface name,
tun0/32.

>
> and for ipfilter I set this:
> ==========================================
> pass in quick proto tcp all keep state
> pass out quick proto tcp all keep state
>
>
> Now on a NT box (192.168.0.50) I can ping, say, www.oracle.com
> successfully but when I use a browser to access www.oracle.com it never
> returns. I noticed there is actually traffic thru the DSL modem but the
> result never reach back to the NT box, is it a routing issue or some other
> settings I forgot?
>
> here is a dump of the routing table on the FreeBSD box
> ================================================================
> Destination        Gateway            Flags ...  Netif Expire
> default            192.168.64.1       UGSc       tun0
> 10                 link#1             UC         xl0 =>
> 127.0.0.1          127.0.0.1          UH         lo0
> 192.168            link#2             UC         rl0 =>
> 192.168.0.50       link#2             UHLW       rl0 =>
> 192.168.64.1       203.169.162.137    UH         tun0
>
>
> Thanks.
>
> --------------------------------------------------------------------
> Marcus Lam (marcus.lam@coresolutions.com)

Best Regards
Willem Brown

-- 
/* =============================================================== */
/* Linux, FreeBSD, NetBSD, OpenBSD. The choice is yours.           */
/* =============================================================== */

Inside every large program is a small program struggling to get out.