Date:      Tue, 14 Oct 2003 00:07:04 +0900
From:      Luke Kearney <lukek@meibin.net>
To:        freebsd-questions@freebsd.org
Subject:   Re: NAT and PPPoE problems
Message-ID:  <20031014000134.CF8E.LUKEK@meibin.net>
In-Reply-To: <Pine.BSF.4.05.10310121732110.2105-100000@addr8.addr.com>
References:  <Pine.BSF.4.05.10310121732110.2105-100000@addr8.addr.com>

Hi,
From my casual observation your rc.conf has a spelling error in it, you
have gatway_enable="yes" should of course be gateway_enable="yes". Sorry
if you had picked it up earlier.

This is one of my favourites for setting up a router

http://lantech.geekvenue.net/chucktips/jason/chuck/1031194375/index_html

as is

http://www.schlacter.net/public/FreeBSD-STABLE_and_IPFILTER.html

or

http://renaud.waldura.com/doc/freebsd/firewall/

Good luck with that one

LukeK


On Sun, 12 Oct 2003 18:16:34 -0700 (PDT)
Sean Noonan <snoonan@addr8.addr.com> granted us these pearls of wisdom:

> Hi Folks,
>
> I've used NAT with FreeBSD for years now, but recently had to change my
> ISP.  My new ISP, SBC, uses PPPoE (yuck).  I've finally got PPPoE working,
> but am having a heck of a time getting NAT to work with it.  I'm tracking
> STABLE and cvsup'd, etc, about two weeks ago to 4.9-PRERELEASE.  Here's my
> config:
>
> /etc/ppp/ppp.conf:
>
> default:
>  # PPP over Ethernet
>  set log phase tun command
>  set device PPPoE:dc0
>  set mru 1492
>  set mtu 1492
>  set ctsrts off
>  set cd off
>  set redial 0 0
>  set dial
>  set login
>  # set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0
>  set ifaddr 67.116.219.246/0 67.116.219.254/0
>  add default HISADDR                    # Add a (sticky) default route
>  enable lqr
>  enable dns
> SBC:
>  set authname myuserid@sbcglobal.net
>  set authkey mypassword
>
> /etc/rc.conf:
>
> ez_ipupdate_enable="YES"
> firewall_enable="YES"
> firewall_type="open"
> firewall_logging="YES"
> gatway_enable="YES"
> gif_interfaces="gif0"
> # gifconfig_gif0="67.112.141.75 67.52.144.191"
> hostname="sean-noonan.kicks-ass.net"
> ifconfig_xl0="inet 192.168.6.1 netmask 255.255.255.0"
> ipsec_enable="YES"
> kern_securelevel_enable="NO"
> linux_enable="YES"
> lpd_endable="YES"
> moused_enable="YES"
> moused_flags="-3"
> moused_type="auto"
> named_enable="NO"
> #natd_enable="YES"
> #natd_interface="dc0"
> network_interfaces="xl0 dc0 gif0 tun0 lo0"
> nfs_reserved_port_only="YES"
> nfs_server_enable="YES"
> nisdomainname="NO"
> ppp_enable="YES"
> ppp_mode="ddial"
> ppp_nat="YES"
> ppp_profile="SBC"
> saver="logo"
> sendmail_enable="YES"
> sshd_enable="YES"
> syslogd_enable="YES"
> tcp_extensions="YES"
> xntpd_enable="YES"
>
> output of ifconfig -a:
>
> xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet 192.168.6.1 netmask 0xffffff00 broadcast 192.168.6.255
>         inet6 fe80::2a0:24ff:fed8:4738%xl0 prefixlen 64 scopeid 0x1
>         ether 00:a0:24:d8:47:38
>         media: Ethernet autoselect (100baseTX <full-duplex>)
>         status: active
> dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         inet6 fe80::204:5aff:fe45:5aa8%dc0 prefixlen 64 scopeid 0x2
>         ether 00:04:5a:45:5a:a8
>         media: Ethernet autoselect (100baseTX <full-duplex>)
>         status: active
> lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>         inet6 ::1 prefixlen 128
>         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
>         inet 127.0.0.1 netmask 0xff000000
> ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
> sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
> faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
> tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
>         inet 67.121.201.208 --> 67.121.203.254 netmask 0xffffffff
>         Opened by PID 57
>
> output of netstat -rn:
>=20
> Routing tables
> Internet:
> Destination        Gateway            Flags    Refs      Use  Netif Expire
> default            67.121.203.254     UGSc        4       30   tun0
> 67.121.203.254     67.121.201.208     UH          5        0   tun0
> 127.0.0.1          127.0.0.1          UH          0        0    lo0
> 192.168.6          link#1             UC          1        0    xl0
> 192.168.6.2        00:0c:76:51:77:7e  UHLW        0        0    xl0   1079
>
> The RFC1918 PC is using 192.168.6.2 for its IP address and 192.168.6.1 for
> its default gateway.  The RFC1918 PC can successfully ping the gateway's
> internal and external interfaces, but nothing beyond.
>
> Adding an ipfw rule like:
>
> ipfw add 1 allow log ip from any to any
>
> shows ping traffic between the inside interface of the gateway and the
> RFC1918 PC, but nothing else.
>
> I've tried several ways of invoking NAT, including via the ppp.conf file,
> via the command-line, and via rc.conf (the current flavor).  None seem to
> work.
>
> Anybody have any ideas on how to proceed??
>
> TIA,
>
> --Sean Noonan.
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
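
A check for the kind of misspelled knob pointed out in the reply above, as an added example that is not part of the original messages: rc.conf is read as ordinary shell variable assignments, so a name such as gatway_enable is set and then silently ignored. The function names, the prefix allow-list and both sample files are assumptions constructed for this example; on a real system the second argument would be /etc/defaults/rc.conf.

```sh
#!/bin/sh
# Added example: flag rc.conf variables that no default knob matches.

# List the variable names assigned in an rc.conf-style file (comments skipped).
knob_names() {
    sed -n 's/^[[:space:]]*\([A-Za-z_][A-Za-z0-9_]*\)=.*/\1/p' "$1" | sort -u
}

# Print names set in $1 (rc.conf) that are absent from $2 (defaults file).
# Per-instance variables such as ifconfig_xl0 are accepted by prefix (assumed list).
unknown_knobs() {
    known=$(knob_names "$2")
    knob_names "$1" | while read -r name; do
        case $name in
            ifconfig_*|gifconfig_*) continue ;;
        esac
        printf '%s\n' "$known" | grep -qxF -- "$name" || printf '%s\n' "$name"
    done
}

# Constructed sample input: a small subset of default knob names and an
# excerpt of the rc.conf quoted in this thread.
make_samples() {
    cat > "$1/defaults" <<'EOF'
firewall_enable="NO"
gateway_enable="NO"
lpd_enable="NO"
ppp_enable="NO"
ppp_nat="YES"
sshd_enable="NO"
EOF
    cat > "$1/rc.conf" <<'EOF'
firewall_enable="YES"
gatway_enable="YES"
ifconfig_xl0="inet 192.168.6.1 netmask 255.255.255.0"
lpd_endable="YES"
#natd_enable="YES"
ppp_enable="YES"
ppp_nat="YES"
sshd_enable="YES"
EOF
}

tmp=$(mktemp -d)
make_samples "$tmp"
unknown_knobs "$tmp/rc.conf" "$tmp/defaults"
rm -rf "$tmp"
```

Names reported by the check are candidates for review, not proven errors, since the defaults file does not list every per-interface or locally defined variable.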




