From owner-freebsd-questions Wed Mar 24 13:18:24 1999 Delivered-To: freebsd-questions@freebsd.org Received: from cs.sfu.ca (cs.sfu.ca [142.58.111.1]) by hub.freebsd.org (Postfix) with ESMTP id 05A0D14C0D for ; Wed, 24 Mar 1999 13:18:22 -0800 (PST) (envelope-from tront@cs.sfu.ca) Received: from sockeye (sockeye [199.60.4.6]) by cs.sfu.ca (8.9.1/8.9.1) with SMTP id NAA26634 for ; Wed, 24 Mar 1999 13:18:00 -0800 (PST) Message-Id: <3.0.3.32.19990324131801.00a11890@cs.sfu.ca> X-Sender: tront@cs.sfu.ca X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Wed, 24 Mar 1999 13:18:01 -0800 To: freebsd-questions@freebsd.org From: tront@cs.sfu.ca Subject: natd problem Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I am a university instructor of a network admin course that has been using freebsd unix for 2 years, we are currently using 2.2.7. We are trying natd for the first time ever. And after checking all available documentation we are stumped as to why we can't even ping one hop from the gateway to a public network machine while natd is running. We have followed the instructions on the man page exactly! We can ping from the internal machine to the gateway and visa versa. But not through the gateway to the public network. And more interestingly, not even from the gateway machine to the public network (one hop!). When we kill natd and remove the divert firewall rule, ping is successful in all ways, including relay through the gateway, so the connectivity and routing is good. The divert rule firewall timestamp is showing that it is being used at the time we attempt to pings, so the firewall is running. And the firewall only has the specified 2 rules plus the final 65535 deny rule. Also, we found that running natd in verbose mode generated no error messages. And running in log mode didn't seem to generate any log in alias.log. We have spent hours on this, and are beginning to disagree with the man page that states "Running natd is fairly straight forward". Can you give us another pointer or two on where to look for some error in our setup. Thanks VERY much, Russ Tront, Instructor School of Computer Science Simon Fraser University Burnaby, B.C. V5A 1S6 Canada. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message