From: Sean
Date: Fri, 05 Jan 2001 19:19:05 -0600
To: freebsd-net@freebsd.org
Subject: Re: Problem with Multihomed Machine
Message-ID: <3A567289.DBD37F7@home.com>

Nick Rogness wrote:
On Fri, 5 Jan 2001, Sean wrote:

> Hello.  I'm having some problems setting up a multihomed machine and was
> wondering if someone could point me in the right direction.  I have a
> FreeBSD box with 2 ethernet cards.  One card, rl0, is connected to my
> cable modem.  The other card, rl1, is connected to a Win2000 box.   The
> goal is to have FreeBSD act as a firewall for the Win2000 machine.  I
> have set the IP address of the internal network card (rl1) to 10.0.0.1,
> and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of
> 10.0.0.1.  The problem I'm having is, I can't get Win2000 to do anything
> to try and connect to FreeBSD, it won't even do a ping of the FreeBSD
> machine.  From FreeBSD, I can get on the internet, and ping Win2000,
> but, Win2000 won't connect to anything.  I've read quite a few howtos on

        Is gateway_enable turned on ?  Is firewalling turned on?  If
        so, what do your rules look like?  Is natd enabled?

In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES". For the firewalling, I recompiled the kernel with the following options:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT

From "ipfw list", I have the following rules in place:
00100 divert 8668 ip from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 allow ip from any to any

I tried resetting the internal network card's IP address to 10.0.0.3, per another suggestion, but, that didn't have any effect.

In my natd configuration file, I have:

unregistered_only
log yes
use_sockets yes
same_ports yes
 

 

> natd and setting up a firewall, but, I can't figure out why it's not
> working.  Just from looking at the Win2000 settings, it appears it's set
> up right, so, I am wondering if I'm doing something wrong in FreeBSD.
>
> Below I've included the output from ifconfig -a, netstat -rn and netstat
> -in.  Any help would be greatly appreciated.
>

Nick Rogness
- Drive defensively.  Buy a tank.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

-- 

Sean Chisek
devotwo@home.com
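
As an added example (not part of the original message and not FreeBSD code), a small Python check over the "ipfw list" output posted above: it confirms the natd divert rule sits on the external interface ahead of any blanket allow, and flags rules that pass all traffic unfiltered. The function names and finding labels are hypothetical; rl0 and port 8668 are taken from the message.

```python
import re

# "ipfw list" output copied from the message above.
POSTED_RULES = """\
00100 divert 8668 ip from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 allow ip from any to any
"""

# Covers only the simple rule shapes seen in that listing.
RULE_RE = re.compile(
    r"^(?P<num>\d{5})\s+(?P<action>allow|deny|divert)(?:\s+(?P<port>\d+))?"
    r"\s+(?P<proto>\S+)\s+from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)"
    r"(?:\s+via\s+(?P<iface>\S+))?$"
)

def parse_rules(listing):
    """Return one dict per recognised rule line, in evaluation order."""
    matches = (RULE_RE.match(line.strip()) for line in listing.splitlines())
    return [m.groupdict() for m in matches if m]

def passes_everything(rule):
    """True for an unconditional 'allow ip from any to any' on every interface."""
    return (rule["action"] == "allow" and rule["proto"] in ("ip", "all")
            and rule["src"] == "any" and rule["dst"] == "any"
            and rule["iface"] is None)

def audit(rules, ext_if="rl0", natd_port="8668"):
    """Hypothetical audit: returns a list of short finding labels."""
    findings = []
    divert_at = next((i for i, r in enumerate(rules)
                      if r["action"] == "divert" and r["port"] == natd_port
                      and r["iface"] == ext_if), None)
    if divert_at is None:
        findings.append("no-divert-on-%s" % ext_if)
    for i, rule in enumerate(rules):
        if not passes_everything(rule):
            continue
        if divert_at is not None and i < divert_at:
            # An allow ends rule matching, so the packet never reaches natd.
            findings.append("allow-all-before-divert:" + rule["num"])
        elif rule["num"] == "65535":
            findings.append("default-rule-accepts")  # IPFIREWALL_DEFAULT_TO_ACCEPT
        else:
            findings.append("allow-all:" + rule["num"])
    return findings

if __name__ == "__main__":
    for finding in audit(parse_rules(POSTED_RULES)):
        print(finding)
```

On the posted listing the divert rule is in place, and the two findings are the blanket allow at 65000 and the accepting default rule, so the box forwards and translates traffic but does not filter it.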
 
