Date:      Sun, 26 Aug 2001 21:20:35 -0400
From:      "Michael J. Huber" <mjhuber@mindspring.com>
To:        "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG>
Subject:   Problems browsing website via PPPoE and NAT
Message-ID:  <200108270110.VAA03075@granger.mail.mindspring.net>

I have recently purchased and installed FreeBSD 4.2-RELEASE and have it acting as a gateway between my DSL line and two PCs.  Once I found all the right notes online I got PPPoE and natd running and things seemed to be working fine.

I can ssh and telnet out, ssh in, browse almost any website I want.  When I try to browse sites within umbc.edu (www.umbc.edu, my.umbc.edu, userpages.umbc.edu, research.umbc.edu), all I seem to get is timeouts.  I read about a problem with packets not getting back in earlier versions of PPPoE, but that it had been fixed.

When using Netscape or IE to browse from one of my PCs these websites time out; telnetting to port 80 (telnet www.umbc.edu 80) and sending "GET / HTTP/1.0" gives the same results.  If I telnet from the gateway (I'm not running X) and do a GET, I receive the expected HTML with no problems.  I have used "sniffit" on my gateway's internal interface and nothing seems to be coming back.  When I tried to sniff my external interface or tun0 I get nothing at all.

The contents of /etc/rc.conf, /etc/ppp/ppp.conf and /etc/firewall.fwrules follow.  I have recently switched from using natd to having ppp do NAT.

Any help on solving the problem or gathering more information would be greatly appreciated.

-- rc.conf --
kern_securelevel="-1"
kern_securelevel_enable="YES"

saver="blank"

network_interfaces="lo0 ed0 ep0"
#network_interfaces="lo0 ep0"
ifconfig_ed0="up"
ifconfig_ep0="inet 10.5.1.1 netmask 255.255.255.0 broadcast 10.5.1.255"
hostname="raja.home.com"

sendmail_enable="YES"
sshd_enable="YES"
portmap_enable="NO"
nfs_server_enable="NO"
inetd_enable="YES"
#gateway_enable="NO"
gateway_enable="YES"

firewall_enable="YES"
firewall_script="/etc/firewall/fwrules"

#natd_enable="YES"
#natd_interface="tun0"
#natd_flags="-dynamic"

ppp_enable="YES"
-- end rc.conf --

-- ppp.conf --
default:
 set device PPPoE:ed0
 set speed sync
 set mru 1492
 set mtu 1492
# set log Phase Chat LCP IPCP CCP tun command
 set log Phase tun
 set ctsrts off
 set ifaddr 10.0.0.1/0 10.0.0.2/0
 add default HISADDR                    # Add a (sticky) default route
 enable dns
 nat enable yes
# nat enable no
 set mode ddial

papchap:

 set authname *****
 set authkey *****
-- end ppp.conf --

-- fwrules --
fwcmd="/sbin/ipfw"
$fwcmd -f flush

$fwcmd add allow ip from any to any via lo0
$fwcmd add allow ip from any to any via ep0

$fwcmd add allow tcp from any to any out xmit tun0 setup

$fwcmd add allow tcp from any to any via tun0 established

$fwcmd add allow tcp from any to any 22 setup

$fwcmd add reset log tcp from any to any 113 in recv tun0

$fwcmd add allow udp from any to 4.2.2.1 53 out xmit tun0

$fwcmd add allow udp from 4.2.2.1 53 to any in recv tun0

$fwcmd add 65435 allow icmp from any to any

$fwcmd add 65435 deny log ip from any to any

-- end fwrules --


