Date: Tue, 25 Sep 2001 17:42:57 -0400 (EDT) From: Joe Clarke <marcus@marcuscom.com> To: "P. U. (Uli) Kruppa" <root@pukruppa.de> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: Gateway? (I read all TFM's - really!) Message-ID: <20010925173353.X97094-100000@shumai.marcuscom.com> In-Reply-To: <20010925193825.R11253-100000@big>
next in thread | previous in thread | raw e-mail | index | archive | help
See below. On Tue, 25 Sep 2001, P. U. (Uli) Kruppa wrote: > Hi Joe, > > On Tue, 25 Sep 2001, Joe Clarke wrote: > > > small must have a default route to big (which I think you already have). > > If the result is exactly the same, make sure small is configured with DNS > > servers in /etc/resolv.conf so that name resolution works. > Is this the line > nameserver 192.168.10.1 > ? That's the line, but do you have named running on 192.168.10.1? > > > Another thing > > you can try is a source ping from the inside interface on big: > > > > ping -S 192.168.10.1 www.freebsd.org > This will result in > ping: bind: Can't assign requested address I should state, try the above ping command on the machine that has the address 192.168.10.1 bound to it. I have a ppp VPN using a similar setup to you: --------- |Gateway| fxp0 (192.168.1.4) --------- IP Phone (192.168.1.239) --------- tun0 (10.1.1.200) | | | | tun0 (10.1.1.1) ------------ |VPN server| fxp0 (172.18.124.119) ------ (Intranet) ---- (172.18.124.33) ------------ Now, I run ppp -nat on my gateway. To test this, I run: ping -S 192.168.1.4 172.18.124.33 When I get replies back, I know NAT is working. Now, I set my IP Phone to use the 192.168.1.4 as its default gateway (and gateway_enable="YES" in my rc.conf file on Gateway). Everything works. > > > See if NAT is actually working on big. If that works, then NAT is not > > your issue. > I understood I would not need to compile NAT into the kernel > when I use > ppp -nat ??? No, ppp is linked against libalias which is the name thing natd uses. The GENERIC kernel is fine. > > > Try pinging the IP address on your tun0 interface from > > small. > How do I do this? > In my model above, if I could, I would ping 10.1.1.200 from the IP Phone. If this works, I know the IP phone is routing packets correctly to 192.168.1.4. Joe > > That will tell you if your routing is good. > > > > Joe > > > Uli. > > > On Tue, 25 Sep 2001, P. U. (Uli) Kruppa wrote: > > > > > Thanks for your answers so far. As some of you suggested it > > > seems a good idea to me to use user-ppp with -nat flag . > > > > > > I always started ppp with > > > # ppp -ddial myconfig > > > now I should use > > > # ppp -nat -ddial myconfig > > > but the result is the same as before (see my first letter > > > at the end of this message). > > > > > > I had a look at # man ppp . It says, there could there > > > could be two reasons for that > > > 1) IP-forwarding must be activated in rc.conf > > > ( that should be the line > > > gateway_enable="YES" ) or > > > 2) small has not designated big (the ppp-host) as gateway > > > (how do I know ?) > > > > > > > > > Still more thanks for all your answers. > > > > > > Uli. > > > > > > > > > On Mon, 24 Sep 2001, P. U. (Uli) Kruppa wrote: > > > > > > > Please could someone tell me THE TRICK: > > > > > > > > This is my small home-lan: > > > > > > > > > > > > > > > > rl0 rl1 rl0 > > > > *---------* *----------* > > > > | small *-------* big *----* > > > > *---------* *----------* | tun0 > > > > 192.168.10.2 192.168.10.1 | > > > > *---*-------* > > > > | DSL-modem *-----* > > > > *-----------* | > > > > | > > > > * > > > > internet > > > > > > > > > > > > small and big run FreeBSD4.3-RELEASE . small and big can > > > > ping, ftp and telnet each other (by name as well as by > > > > IP-address). big can reach the colourful world of the internet. > > > > But: small cannot get there. > > > > # ping www.freebsd.org > > > > will result in > > > > cannot resolve www.freebsd.org: hostname lookup failure > > > > > > > > I will give you the output of big's and small's > > > > # netstat -r > > > > > > > > big: > > > > Routing tables > > > > > > > > Internet: > > > > Destination Gateway Flags Refs Use Netif Expire > > > > default 217.5.116.17 UGSc 4 383 tun0 > > > > localhost localhost UH 0 0 lo0 > > > > 192.168.10 link#2 UC 0 0 rl1 > > > > 217.5.116.17 pD90172ED.dip.t-di UH 5 0 tun0 > > > > > > > > small: > > > > Routing tables > > > > > > > > Internet: > > > > Destination Gateway Flags Refs Use Netif Expire > > > > default big UGSc 0 0 rl0 > > > > localhost localhost UH 0 0 lo0 > > > > 192.168.10 link#1 UC 1 0 rl0 > > > > big 0:50:fc:3a:f1:1a UHLW 1 35 rl0 1200 > > > > > > > > > > > > Thanks for your help. > > > > (I hope I did not publish any sensitive data with this.) > > > > > > > > > > > > Uli. > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010925173353.X97094-100000>