Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 10 Oct 2002 16:39:34 -0400
From:      wolf <mjoyner2@hq.dyns.cx>
To:        Marc Hunter <hunter@hunter.net>, questions <questions@freebsd.org>
Subject:   Re: ipfw and natd during internal to internal access ...
Message-ID:  <3DA5E586.5000400@hq.dyns.cx>
References:  <4.2.0.58.20021010130144.00bc7a10@192.168.0.64>
next in thread | previous in thread | raw e-mail | index | archive | help 
The request never hits the firewall rule for it to get diverted into nat.

(via INTERFACE, it never goes into that interface).

While I know the cause, I am not sure as to the fix.

Though I am sure an additional firewall rule would probably work to fix it.

Maybe something like
divert 8668 ip from 192.168/16 to 24.70.100.100
divert 8668 ip from 24.70.100.100 to 192.168/16

Eat this with lots of salt and make sure your at the console.

Marc Hunter wrote:

> Hi,
> 
> We have just implemented an ipfw and natd firewall and generally it 
> works great.  We are using natd for traffic going out and to redirect 
> outside traffic on port 80 to a particular webserver.   However, when a 
> machine within the network attempts to access the web server through its 
> external address (using the domain name for instance) it doesn't work.
> 
> Is there some special trick to deal with this?
> 
> An example to summarize:
> 
> Firewall
>  - External IP: 24.70.100.100
>  - Internal IP: 192.168.0.64
> 
> Webserver
>  - IP: 192.168.0.128
> 
> User machine
>  - IP: 192.168.0.200
> 
> We have a domain mapped to 24.70.100.100, and when the web request is 
> initiated from outside the network, it all works fine, from inside, it 
> fails.  Inside access to the rest of the web works fine (so natd is 
> working going out and the redirect_port is working for those coming in).
> 
> Any tips?
> 
> Thanks!
> 
> Marc
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DA5E586.5000400>