Date: Mon, 03 Feb 2003 17:16:04 +0000 From: Rob O'Donnell <robert@aphnet.co.uk> To: <mark@fantoma.net>, <freebsd-questions@freebsd.org> Subject: Re: Routing, NAT'ing and and external ADSL router. Message-ID: <5.1.1.6.0.20030203170636.0200fd90@aph2k> In-Reply-To: <10072.150.101.208.127.1044255719.squirrel@mail.zoper.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 23:01 02/02/2003 -0800, mark@fantoma.net wrote: >I have 2 network cards in the gateway machine. >rl0 is 192.168.0.1 255.255.255.0 >rl1 is 192.168.1.1 255.255.255.0 >(p.s. I know realtek suck.. but they were just spare cards!) > >There is an external ADSL router connected to rl1, who's IP address is >192.168.1.2 > >The default router is "192.168.1.2" > >natd is enabled, and the natd interface is "rl1" >and gateway is enabled. > >First off, it only seems to work if I also enable NATing on the ADSL >router, which I would've thought would've caused problems due to "double >NATting" You would need to do this - the internet will ignore your 192.168 addresses. I have a similar setup at home: internet ---> [hw adsl router (192.168.1.1)] --> [192.168.1.11(gateway)192.168.0.11] --> LAN -> multiple PCs. You need NAT enabled on the router. You don't need NAT on the gateway PC; just a basic ability to forward (route) packets. Default route on the gateway machine is the ADSL router. Default router on other machines on the LAN is the gateway machine and (here's the biggie) you need to set up a static route on the ADSL router for your LAN, gateway being your gateway PC. In my case, I set up 192.168.0.0/24 -> 192.168.1.11. Exact means to do so depends on make & model of router. You let the router do all the NAT. it knows about the network between your gateway pc and itself because it's on it, but you have to tell it where to find the other network, otherwise it'll just send it out the Internet, where it will be dropped. Doing your double-NAT will work, as you have found, but it increases additional complexity, and means if you want to set up any pas-through ports you will need to set them up on both devices too. >Secondly, due to this setup, I don't really know how to configure the >firewall.. firewall can still be set up, but i will leave any details to the experts on this list. >Any, and I mean any, help would be appreciated! :) > >Cheers, >Mark > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message -- APH Computers Ltd. Tel: 0161-442 2603 Fax: 0161-443 1162 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.0.20030203170636.0200fd90>