Date: Fri, 05 Jan 2001 19:19:05 -0600
From: Sean <devotwo@home.com>
To: freebsd-net@freebsd.org
Subject: Re: Problem with Multihomed Machine
Message-ID: <3A567289.DBD37F7@home.com>
References: <Pine.BSF.4.21.0101050918010.18126-100000@rapidnet.com>

Nick Rogness wrote:

> On Fri, 5 Jan 2001, Sean wrote:
>
> > Hello. I'm having some problems setting up a multihomed machine and was
> > wondering if someone could point me in the right direction. I have a
> > FreeBSD box with 2 ethernet cards. One card, rl0, is connected to my
> > cable modem. The other card, rl1, is connected to a Win2000 box. The
> > goal is to have FreeBSD act as a firewall for the Win2000 machine. I
> > have set the IP address of the internal network card (rl1) to 10.0.0.1,
> > and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of
> > 10.0.0.1. The problem I'm having is, I can't get Win2000 to do anything
> > to try and connect to FreeBSD, it won't even do a ping of the FreeBSD
> > machine. From FreeBSD, I can get on the internet, and ping Win2000,
> > but, Win2000 won't connect to anything. I've read quite a few howtos on
>
> Is gateway_enable turned on ? Is firewalling turned on? If
> so, what do your rules look like? Is natd enabled?

In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES".
For the firewalling, I recompiled the kernel with the following options:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT

from "ipfw list", I have the following rules in place

00100 divert 8668 ip from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 allow ip from any to any

I tried resetting the internal network card's IP address to 10.0.0.3,
per another suggestion, but, that didn't have any effect.

In my natd configuration file, I have:

unregistered_only
log yes
use_sockets yes
same_ports yes

> > natd and setting up a firewall, but, I can't figure out why it's not
> > working. Just from looking at the Win2000 settings, it appears it's set
> > up right, so, I am wondering if I'm doing something wrong in FreeBSD.
> >
> > Below I've included the output from ifconfig -a, netstat -rn and netstat
> > -in. Any help would be greatly appreciated.
>
> Nick Rogness
> - Drive defensively. Buy a tank.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message

--
Sean Chisek
devotwo@home.com