From owner-freebsd-questions Sun Jul 30 23:45:34 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.hcvlny.cv.net (mx1.hcvlny.cv.net [167.206.112.76]) by hub.freebsd.org (Postfix) with ESMTP id AAE5437B563 for ; Sun, 30 Jul 2000 23:45:29 -0700 (PDT) (envelope-from steinyv@skyweb.net) Received: from s1.optonline.net (s1.optonline.net [167.206.112.6]) by mx1.hcvlny.cv.net (8.9.3/8.9.3) with ESMTP id CAA01680 for ; Mon, 31 Jul 2000 02:45:29 -0400 (EDT) Received: from steinyv (d133-151.jcsnnj.optonline.net [24.189.133.151]) by s1.optonline.net (8.9.1/8.9.3) with ESMTP id CAA06428 for ; Mon, 31 Jul 2000 02:45:24 -0400 (EDT) Message-Id: <4.2.0.58.20000731020258.00a10cc0@mail-hub.optonline.net> X-Sender: steinyv@pluto.skyweb.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Mon, 31 Jul 2000 02:13:34 -0400 To: freebsd-questions@freebsd.org From: steinyv Subject: Re: IPFW and NAT question In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I just set machine with IPFW and NAT and came across a problem like you have. Just make sure your firewall/gateway machine, can ping and traceroute IPs and domains on the net. Set your LAN machines to use your private IP (192.168.1.2) as the gateway and set the machines to use your ISP's DNS. That made everything work for me.... Hope that works for you..... At 01:24 PM 7/30/00 , you wrote: >Hi, > >I have configured my FreeBSD 4.0 Pentium 233Mhz based PC as a firewall to >the Internet using a DSL connection. > >I use a public IP (207.208.254.234) gateway (207.208.254.1). > > From this machine I can access the Internet. However the machines on my > private network cannot. > >My public interface is fxp0 (intel Ether Express Pro 10/100 B), and my >private interface is xl0 (3Com 3c905B-TX Fast EtherLink XL) using 192.168.1.2 > >Any hots on the private segment 192.168.1 can successfully ping the public >interface fxp0. > >The problem is that I cannot rich anything beyond fxp0, not even the IP >address of the gateway on the ISP that is on the same segment as fxp0. For >example a traceroute hug.freebsd.org fails. > >I have configured all the necessary files for IPFW ant natd and rebuilt >the kernel successfully. > >I read in natd man pages that there is a -dynamic option to use, but I did >not see it in the configuration walkthrough in the Handbook. >Where else should I look?8 >Can someone please help? > >Thanks, > >Konan > >________________________________________________________________________ >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message _________________________________________ Steiny's Studio Pachyderm Productions http://steiny.hypermart.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message