From owner-freebsd-ipfw Mon Jul 29 22:33:40 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 47BCB37B400 for ; Mon, 29 Jul 2002 22:33:38 -0700 (PDT) Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id C74FD43E67 for ; Mon, 29 Jul 2002 22:33:37 -0700 (PDT) (envelope-from crist.clark@attbi.com) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020730053337.QDHI24567.rwcrmhc51.attbi.com@blossom.cjclark.org>; Tue, 30 Jul 2002 05:33:37 +0000 Received: from blossom.cjclark.org (localhost. [127.0.0.1]) by blossom.cjclark.org (8.12.3/8.12.3) with ESMTP id g6U5XaJK089525; Mon, 29 Jul 2002 22:33:36 -0700 (PDT) (envelope-from crist.clark@attbi.com) Received: (from cjc@localhost) by blossom.cjclark.org (8.12.3/8.12.3/Submit) id g6U5XXEp089524; Mon, 29 Jul 2002 22:33:33 -0700 (PDT) X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f Date: Mon, 29 Jul 2002 22:33:33 -0700 From: "Crist J. Clark" To: Naga Suresh B Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: problem with portforwarding Message-ID: <20020730053333.GA89241@blossom.cjclark.org> Reply-To: "Crist J. Clark" References: <004d01c232d3$352683c0$9600a8c0@blraddrcom> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <004d01c232d3$352683c0$9600a8c0@blraddrcom> User-Agent: Mutt/1.4i X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG [-security snipped, this has nothing to do with -security. It is probably better for -questions than -ipfw too, but I'll not change that.] On Wed, Jul 24, 2002 at 11:00:20AM +0530, Naga Suresh B wrote: > Hai, > > We are facing a problem in configuring the portforwarding on > our gateway. We are having a gateway with two network cards one with > external ip(xxx.xxx.xxx.170) and another one with internal > ip(192.168.0.200). We Created an alias ip for another external > ip(xxx.xxx.xxx.172) and we had done portforwarding 443 to another internal > ip (192.168.0.203) on another fbsd machine. We added the following line in > the natd.conf on 192.168.0.200 > redirect_port tcp 192.168.0.203:443 xxx.xxx.xxx.172:443 > redirect_port tcp 192.168.0.203:22 xxx.xxx.xxx.172:22 > We are running ipfw on the 192.168.0.200. We are running httpd on both the > machines. After doing portforwarding when we are trying to access the > application from outside xxx.xxx.xxx.172 is working fine. But we are not > able to access the application on 172 from inside with public ip and we are > able to access the application with 192.168.0.203. Also the name does not > resolve for the IP xxx.xxx.xxx.172 from the internal network where as the > same thing happens from outside. How do we solve this? Please Give the > solution as early as possible and plz help us. This is a FAQ, http://docs.freebsd.org/cgi/getmsg.cgi?fetch=0+0+archive/2002/freebsd-questions/20020224.freebsd-questions There are a number of ways to solve this. The two most common are two invoke another natd(8) on the internal interface or to properly configure DNS to resolve to different IPs for the same hostname depending on which network the query comes. Your DNS issue is completely separate and has nothing to do with NAT. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message