From owner-freebsd-questions Wed Nov 20 11:12: 2 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADA9A37B401 for ; Wed, 20 Nov 2002 11:11:59 -0800 (PST) Received: from web13806.mail.yahoo.com (web13806.mail.yahoo.com [216.136.175.16]) by mx1.FreeBSD.org (Postfix) with SMTP id 74F5A43E4A for ; Wed, 20 Nov 2002 11:11:59 -0800 (PST) (envelope-from bencraig@yahoo.com) Message-ID: <20021120191159.5699.qmail@web13806.mail.yahoo.com> Received: from [81.3.108.210] by web13806.mail.yahoo.com via HTTP; Wed, 20 Nov 2002 19:11:59 GMT Date: Wed, 20 Nov 2002 19:11:59 +0000 (GMT) From: =?iso-8859-1?q?Ben=20Craig?= Subject: NAT Help To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, I'm trying to get NAT up and running on my FreeBSD 4.7R gateway machine and have hit a bit of a wall. Have looked around online for FAQs and other help and haven't really been able to isolate the problem this way. If anyone can offer advice, I would be most appreciative. I have a FreeBSD machine configured as a gateway for a LAN. The BSD machine has two NICs (fxp0 and vr0). fxp0 is connected to a router via ethernet, which in turn is connected to the Net via ADSL. The router is very basic and doesn't have all of the functions we require, hence the BSD box being the gateway. vr0 is connected to a hub for the LAN, which all uses internal 10.0.0.x IP addressing. The FreeBSD box provides DHCP for this range. All of this is working correctly. We also have a couple of external IPs which I would like to map onto a couple of servers on the private LAN, and herein lies the problem. I just can't seem to get NAT working to redirect these IPs from the BSD machine to the relevant internal IP. On the BSD machine, I've compiled a kernel with the following options: options IPFIREWALL options IPDIVERT options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE The following options exist in rc.conf: gateway_enable="YES" firewall_enable="YES" firewall_type="OPEN" natd_enable="YES" natd_interface="fxp0" natd_flags="-redirect_address 10.0.0.2 x.x.x.x -redirect_address 10.0.0.3 x.x.x.x" (where x.x.x.x is of course the external IP). rc.conf also contains the following ipconfig settings for the external IP addresses (of which there are 5). ifconfig_fxp0_alias0="inet x.x.x.x netmask 255.255.255.248" ifconfig_fxp0_alias1="inet x.x.x.x netmask 255.255.255.248" ifconfig_fxp0_alias2="inet x.x.x.x netmask 255.255.255.248" ifconfig_fxp0_alias3="inet x.x.x.x netmask 255.255.255.248" ifconfig_fxp0_alias4="inet x.x.x.x netmask 255.255.255.248" alias0 is used as the IP address for the gateway machine and my intention is to redirect traffic on the remaining four addresses to other machines on the LAN. This is where it falls down and I'm stumped. Regards, Ben Craig. ===== -- Benjamin Craig Executive Producer Cinemagine Limited __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message