Date:      Fri, 1 Mar 2002 13:10:39 -0500 
From:      "Pieckiel, Kevin A" <Kevin.Pieckiel@VirginiaDOT.org>
To:        "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org>
Subject:   natd woes
Message-ID:  <5A617D4D38B5D51192AA0060081849455DD827@501sumail1.vdot.state.va.us>

I am desperately trying to get natd working, but nothing I try works.

FreeBSD 4.5-Stable, IPFIREWALL and IPDIVERT enabled in kernel config.
rc.conf contains GATEWAY=YES & FIREWALL=YES.
ipfw rules are as follows:
   
00500 divert 8668 tcp from any to any via 159.169.40.2
65535 allow ip from any to any

PC has two NICs and a modem.  NIC1 is 10.5.51.20, NIC2 is 159.169.40.2.
10.5.51.20 and 159.169.40.2 are on the same physical network.  NIC2 is
the ONLY computer in its subnet save a Cisco 4000 router that can
route traffic between my two subnets.  This Cisco 4000 also connects
my LAN to the company's state-wide WAN.
 
The modem dials up to a video web server connected to a camera via
ppp.  We will use this black box web server to control the camera and
get still image captures.  The modem is assigned an IP of 192.168.0.100,
the camera is on 192.168.0.10, and the dialup box is 192.168.0.1 (which
is the camera's default gateway).  I do NOT set the gateway of the
dialup computer to 192.168.0.1 as if I were calling an ISP.  I do not
want this behavior.  I need the default gateway to stay where it is so
that I can still get to the rest of my WAN and the Internet.

Here's what works:
PPP enabled as follows--
ppp -nat -ddial cameraserver

static route added--
route add 192.168.0.0/24 192.168.0.1
  
Win2K PC on LAN (10.5.51.18) gets route added--
route add 192.168.0.0 mask 255.255.255.0 10.5.51.20

Make http connection in browser to http://10.5.51.20
and I can connect to my camera like I expect to be able to.

Here's what doesn't work:
This machine is not a gateway, and it is not possible to set routes
on clients or routers to specifically add 192.168.0.0 to point to
this machine as I did in the above setup.  I want to redirect traffic
sent to 159.169.40.2 (since the whole WAN can get to that as is) to
my camera at 192.168.0.10.

I have tried every conceivable way to use natd, with and without the
-nat option to PPP, but cannot get clients to connect by pointing
their browsers to 159.169.40.2.


/etc/ppp/ppp.conf:
default:
  set device /dev/cuaa0
  set speed 115200
  disable pred1
  deny pred1
  disable lqr
  deny lqr
  set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 4 \"\" ATZ OK-ATZ-OK ATDT\\T TIMEOUT 60 CONNECT"
  set redial 100 5

cameraserver:
  set authname xxx
  set authkey xxx
  set phone 9,pri-vate
  set timeout 0
  set openmode active
  accept chap
  set ifaddr 127.1.1.1/0 127.2.2.2/0 0.0.0.0 0.0.0.0

I don't know what other info you might need to help me get this working.
Any help you could offer would be GREATLY appreciated.

Thanks,
Kevin A. Pieckiel
