Date: Mon, 5 May 1997 14:31:49 +0200 (MET DST) From: Wolfgang Helbig <helbig@MX.BA-Stuttgart.De> To: hendra@unix.ukdw.ac.id (Hendra Sentono) Cc: questions@FreeBSD.ORG Subject: Re: Can't get reply when pinging from inside network Message-ID: <199705051231.OAA17127@helbig.informatik.ba-stuttgart.de> In-Reply-To: <Pine.BSF.3.91.970505153956.10770A-100000@unix.ukdw.ac.id> from Hendra Sentono at "May 5, 97 03:53:42 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > Our BSD 2.1.5-RELEASE configured as a gateway and firewall. > It is installed with 2 network cards and configured to be able to > give Internet connection for the inside network (with one NIC, the > other NIC is connected to the Internet via VSAT connection) > > # parts of sysconfig > router="routed" > gateway=YES > firewall=YES > > The problem is when a computer from the inside network try to ping > any Internet address (such as www.yahoo.com), it can recognize the > IP address, but it receives 'Request time out' message. > > Most of our inside network computers are Win95 with TCP/IP installed, > DNS enabled (we configure the BSD machine as name server, too). > > In this situation our inside computers can't ftp-ing any outside > sites (but it can ftp-ing the BSD machine and also some other BSD > machines that have the same position/connected to the Internet > directly as the former) It looks like your firewall configuration is correct, (read the firewall section in /usr/share/doc/handbook.html if in doubt) but you want to use your BSD machine as a gateway as well, so you have to set gateway="YES" in /etc/sysconfig to get it started at bootime, or set it later with # sysctl -w net.inet.ip.forwarding=1 Wolfgang
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705051231.OAA17127>