From owner-freebsd-questions@FreeBSD.ORG Sat Nov 15 18:42:46 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2A468106564A for ; Sat, 15 Nov 2008 18:42:46 +0000 (UTC) (envelope-from LukeD@pobox.com) Received: from sasl.smtp.pobox.com (a-sasl-fastnet.sasl.smtp.pobox.com [207.106.133.19]) by mx1.freebsd.org (Postfix) with ESMTP id D8F228FC0A for ; Sat, 15 Nov 2008 18:42:45 +0000 (UTC) (envelope-from LukeD@pobox.com) Received: from localhost.localdomain (unknown [127.0.0.1]) by a-sasl-fastnet.sasl.smtp.pobox.com (Postfix) with ESMTP id 6F63D7DCC9; Sat, 15 Nov 2008 13:42:44 -0500 (EST) Received: from lukas.is-a-geek.org (unknown [71.113.98.220]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a-sasl-fastnet.sasl.smtp.pobox.com (Postfix) with ESMTPSA id 7F9417DCC6; Sat, 15 Nov 2008 13:42:40 -0500 (EST) Date: Sat, 15 Nov 2008 10:42:30 -0800 (PST) From: Luke Dean X-X-Sender: lukas@border.lukas.is-a-geek.org To: Jakub T In-Reply-To: <42b840be0811150949i1a8e0251tea94d8824cf4458f@mail.gmail.com> Message-ID: References: <42b840be0811150949i1a8e0251tea94d8824cf4458f@mail.gmail.com> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Pobox-Relay-ID: 30D61B06-B345-11DD-B5BF-9CEDC82D7133-96347044!a-sasl-fastnet.pobox.com Cc: freebsd-questions@freebsd.org Subject: Re: Port forwarding behind two routers X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Luke Dean List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Nov 2008 18:42:46 -0000 On Sat, 15 Nov 2008, Jakub T wrote: > Good day people, > > I'm trying to get wireless Internet access for my laptop and to use this > wireless router as a switch for my FreeBSD box at the same time. This > wireless router has one Internet plug and for Ethernet plugs for wired > boxes. Now I have this situation: > > INTERNET > | > telephone/adsl-wire > | > | > ADSL router > wan : xx.xx.xx.xx FreeBSD box (wired) > lan : 192.168.1.1 ip: 192.168.0.102 > | laptop gateway: 192.168.0.1 > | (wireless) | > [internet plug] ip: 192.168.0.101 | > Wireless router gateway: 192.168.0.1 | > lan : 192.168.0.1 . . . . . : | > [ethernet plug] | > | | > +-------------------------------------------+ > > > The wireless router software configured the router like this: > > Destination LAN IP Subnet Mask Gateway Interface > 0.0.0.0 0.0.0.0 192.168.1.1 WAN (Internet) > 192.168.0.0 255.255.255.0 192.168.0.1 LAN & Wireless > 192.168.1.0 255.255.255.0 192.168.1.2 WAN (Internet) > > ... so it works as a switch for two boxes and as a router at the same time. > > The FreeBSD box is configured like this: > > ifconfig_XXX0="inet 192.168.0.102 netmask 255.255.255.0" > defaultrouter="192.168.0.1" > > Now I have Internet connection on both computers. However, I can't get aMule > and other apps that need port forwarding working on FreeBSD box. > > First, I tried to configure ADSL router (192.168.1.1) just to forward 4662 > port to 192.168.0.102, doesn't work. > > Then, I tried this: > 192.168.1.1 router: forward 4662 to 192.168.0.1 > 192.168.0.1 router: forward 4662 to 192.168.0.102 > > not working again. > > I have a feeling that I'm missing something very simple, but can't figure > out what. > > (A note: before I acquired a wireless router, forwarding with one router was > just working, with FreeBSD box configured as 192.168.1.101, so that side of > things is ok. And, no, it's not possible to use just wireless router because > I can't plug telephone wire in it.) > > Can anyone help me? Should I post more details? TIA, > Jakub Port-forwarding through two NATs is something I've never had any success with. I have a few suggestions that have worked for me and my friends with this setup. A) Disable NAT on the ADSL router. I think the term is "bridged mode". Turn it into a dumb box and shift all the NAT/firewall/routing responsibilities over to your wireless router. Depending on your ISP, the hardware, and the protocols involved, this may not be an option for you. B) Disable NAT on the wireless router. This allows it to be a simple switch and wireless access point. The price is that you're probably relying on the DHCP server in the wireless router for your wireless devices and you'll have to disable the DHCP when you disable NAT. This creates new problems to be solved. C) Plug the FreeBSD box into the ADSL router, skipping the wireless router. Your wireless devices will still be double-NATted, but if you're not running servers on them, you might be able to live with that.