Date:      Mon, 15 May 2000 12:10:03 -0500 (CDT)
From:      Brennan W Stehling <brennan@offwhite.net>
To:        "Ing. Ramon F. Tecolt G." <rtecolt@uiagc.pue.uia.mx>
Cc:        "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Help with NAT!
Message-ID:  <Pine.BSF.4.10.10005151201150.68664-100000@home.offwhite.net>
In-Reply-To: <39202963.5DA8E727@uiagc.pue.uia.mx>

Where does it reference 10.2.0.3?  What are your nat rules?

What I would suggest is to turn off natd_enable.  Then read over the
instructions here...

http://www.freebsddiary.org/natrules.html

Then I added the following two lines to rc.local

echo -n " ipnat"
ipnat -f /etc/natrules

That is how I got my NAT working in minutes.  And when you are just
first setting it up, try turning the firewall off.  There is no need to
add that level of complexity when trying to get it working.

If you can get it to work without a firewall, you can at least determine
you have the proper NAT configuration.  Then you can add on the firewall
and troubleshoot that.

Brennan Stehling - web developer and sys admin
projects: www.greasydaemon.com | www.onmilwaukee.com | www.sncalumni.com

Microsoft: Will you get a macro virus today?

On Mon, 15 May 2000, Ing. Ramon F. Tecolt G. wrote:

> Here is my configuration:
> 
> Hardware:
> Intel Pentium 166 MMX, 128Mb RAM, 4Gb HD, 2 NIC: 3Com and Intel
> 
> rc.conf
> hostname="chido.pue.uia.mx"     # Set this!
> nisdomainname="NO"              # Set to NIS domain if using NIS (or NO).
> firewall_enable="YES"           # Set to YES to enable firewall functionality
> firewall_type="open"            # Firewall type (see /etc/rc.firewall)
> firewall_quiet="NO"             # Set to YES to suppress rule display
> tcp_extensions="YES"            # Allow RFC1323 & RFC1644 extensions (or NO).
> network_interfaces="xl0 fxp0 lo0"       # List of network interfaces (lo0 is loopback).
> ifconfig_xl0="inet 10.0.0.1 netmask 0xffff0000" # Servers y Telecomm
> ifconfig_xl0_alias0="inet 10.1.0.1 netmask 0xffffffff" # Acnet-Adnet
> ifconfig_xl0_alias1="inet 10.2.0.1 netmask 0xffffffff" # Labs-Informatica
> ifconfig_xl0_alias2="inet 10.3.0.1 netmask 0xffffffff" # CIA-CAADI
> ifconfig_fxp0="inet 192.100.196.254 netmask 255.255.255.0" # Red Valida
> ifconfig_lo0="inet 127.0.0.1"   # default loopback device configuration.
> inetd_enable="YES"              # Run the network daemon dispatcher (or NO).
> inetd_flags=""                  # Optional flags to inetd.
> named_enable="YES"              # Run named, the DNS server (or NO).
> named_program="/usr/sbin/named" # named program, in case we want bind8 instead.
> named_flags="-b /etc/DNS/named.boot" # Flags to named (if enabled).
> defaultrouter="192.100.196.2"   # Set to default gateway (or NO).
> static_routes=""                # Set to static route list (or leave empty).
> gateway_enable="YES"            # Set to YES if this host will be a gateway.
> router_enable="NO"              # Set to YES to enable a routing daemon.
> router="routed"                 # Name of routing daemon to use if enabled.
> router_flags="-q"               # Flags for routing daemon.
> arpproxy_all=""                 # replaces obsolete kernel option ARP_PROXYALL.
> forward_sourceroute="NO"        # do source routing (only if gateway_enable is set to "YES")
> accept_sourceroute="NO"         # accept source routed packets to us
> natd_enable="YES"                # Enable natd if firewall_enable.
> natd_interface="fxp0"           # Public interface to use with natd if natd_enable.
> natd_flags="-u -s -m -dynamic"  # Additional flags for natd.
> 
> 
> rc.firewall
> # set these to your network and netmask and ip
>     net="192.100.196.0"
>     mask="255.255.255.0"
>     ip="192.100.196.254"
> ############
>     # This is a prototype setup for a simple firewall.  Configure this machine
>     # as a named server and ntp server, and point all the machines on the inside
>     # at this machine for those services.
>     ############
> 
>     # set these to your outside interface network and netmask and ip
>     oif="fxp0"
>     onet="192.100.196.0"
>     omask="255.255.255.0"
>     oip="192.100.196.254"
> 
>     # set these to your inside interface network and netmask and ip
>     iif="xl0"
>     inet="10.0.0.0"
>     imask="255.255.0.0"
>     iip="10.0.0.1"
> 
> 
> and also I have recompiled the kernel with IPDIVERT and IPFIREWALL
> 
> 
> anything else!?
> 
> Brennan W Stehling wrote:
> 
> > Could you provide a tad bit more information?
> >
> > Is 10.2.0.3 an address on your network?  What is your configuration?
> > What is your hardware?  What settings in /etc/rc.conf do you have?  Do you
> > have the box enabled as a gateway?
> >
> > It is hard to figure your problem with the little information that you
> > have provided.
> >
> > Brennan Stehling - web developer and sys admin
> > projects: www.greasydaemon.com | www.onmilwaukee.com | www.sncalumni.com
> >
> > Microsoft: Will you get a macro virus today?
> >
> > On Mon, 15 May 2000, Ing. Ramon F. Tecolt G. wrote:
> >
> > > Commonly I get this error:
> > >
> > > May 15 11:16:25 chido /kernel: arplookup 10.2.0.3 failed: host is not on
> > > local network
> > >
> > > Does anyone know why this is happening!? Some misconfiguration with the NAT?
> > >
> > > --
> > > +------------------------------------------------------+
> > > Ing. Ramon F. Tecolt Gonzalez
> > > Network Manager & Webmaster
> > >
> > > Direccion de Informatica
> > > Coordinacion de Operacion
> > >
> > > Universidad Iberoamericana - Golfo Centro
> > > Km. 3.5 Carretera Federal
> > > Puebla - Atlixco 72430
> > > Col. Concepcion La Cruz
> > > Puebla, Pue., Mx.
> > >
> > > Office: +52 (2) 229 07 34
> > > Fax:    +52 (2) 230 17 30
> > > EMail:  rtecolt@uiagc.pue.uia.mx
> > > +------------------------------------------------------+
> > >
> > >
> 
> --
> +------------------------------------------------------+
> Ing. Ramon F. Tecolt Gonzalez
> Network Manager & Webmaster
> 
> Direccion de Informatica
> Coordinacion de Operacion
> 
> Universidad Iberoamericana - Golfo Centro
> Km. 3.5 Carretera Federal
> Puebla - Atlixco 72430
> Col. Concepcion La Cruz
> Puebla, Pue., Mx.
> 
> Office: +52 (2) 229 07 34
> Fax:    +52 (2) 230 17 30
> EMail:  rtecolt@uiagc.pue.uia.mx
> +------------------------------------------------------+
> 
> 
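
Added example, not part of either poster's message: a check of which addresses are directly connected (on-link) under the ifconfig_* settings quoted in this thread, since the kernel logs "arplookup ... failed: host is not on local network" for an address that falls inside no directly connected subnet. The function names are hypothetical and the input is the thread's own values re-typed as a constructed sample.

```python
import ipaddress
import re

# Constructed input: the ifconfig_* lines copied from the rc.conf quoted in the thread.
RC_CONF = '''
ifconfig_xl0="inet 10.0.0.1 netmask 0xffff0000"
ifconfig_xl0_alias0="inet 10.1.0.1 netmask 0xffffffff"
ifconfig_xl0_alias1="inet 10.2.0.1 netmask 0xffffffff"
ifconfig_xl0_alias2="inet 10.3.0.1 netmask 0xffffffff"
ifconfig_fxp0="inet 192.100.196.254 netmask 255.255.255.0"
ifconfig_lo0="inet 127.0.0.1"
'''

# Interface name (alias suffix dropped), address, optional netmask.
LINE = re.compile(
    r'^ifconfig_(\w+?)(?:_alias\d+)?="inet (\S+)(?: netmask (\S+))?"', re.M
)


def connected_networks(rc_conf):
    """Return (interface, network) pairs for every line with an explicit netmask."""
    nets = []
    for ifname, addr, mask in LINE.findall(rc_conf):
        if not mask:
            continue  # no explicit mask (lo0 here): left out of this example
        if mask.lower().startswith("0x"):
            # rc.conf accepts hex masks; convert 0xffff0000 -> 255.255.0.0
            mask = str(ipaddress.IPv4Address(int(mask, 16)))
        # strict=False: the configured value is a host address, not a network address
        nets.append((ifname, ipaddress.ip_network(f"{addr}/{mask}", strict=False)))
    return nets


def on_link(target, rc_conf=RC_CONF):
    """Interfaces whose subnet contains target; an empty list means not on-link."""
    ip = ipaddress.ip_address(target)
    return [(ifname, str(net))
            for ifname, net in connected_networks(rc_conf) if ip in net]


if __name__ == "__main__":
    for host in ("10.2.0.3", "10.0.0.7", "10.2.0.1", "192.100.196.2"):
        print(host, on_link(host) or "not on any directly connected network")
```

With these masks, xl0 covers only 10.0.0.0/16 and each alias is a single /32 host address, so 10.2.0.3 matches nothing while 10.0.0.7 and the default router 192.100.196.2 do.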


