From owner-freebsd-isp Sat Jul 7 7:30:37 2001
Delivered-To: freebsd-isp@freebsd.org
Received: from moat.teksupport.net.au (moat.teksupport.net.au [203.17.1.98]) by hub.freebsd.org (Postfix) with ESMTP id 3042C37B405 for ; Sat, 7 Jul 2001 07:30:32 -0700 (PDT) (envelope-from robseco@teksupport.net.au)
Received: from rob.secombe (robseco.secombe [192.168.1.2]) by moat.teksupport.net.au (8.11.0/8.11.0) with SMTP id f67EUO346327 for ; Sun, 8 Jul 2001 00:30:24 +1000 (EST) (envelope-from robseco@teksupport.net.au)
Message-Id: <3.0.5.32.20010708003023.03759b60@secombe>
X-Sender: robseco@secombe
X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32)
Date: Sun, 08 Jul 2001 00:30:23 +1000
To: freebsd-isp@freebsd.org
From: Rob Secombe
Subject: Can anyone explain this?
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi all,

I recently upgraded a customer's link from ISDN using a TA to ADSL using the Alcatel Speed Touch Home ADSL modem and pppoe, as supplied by the access provider. The machine is acting as a gateway/firewall with one NIC connected to the LAN and a second connecting the ADSL modem and uses userland ppp -nat and ipfw.

Here is the problem. Everything works fine from the gateway machine to any machine on the inside or the outside. Browsing works ok provided we use a proxy on the gateway. As soon as we try to forward packets across the gateway via ppp nat something goes awry. For instance, if I try to collect mail from an external pop server the client will establish a connection but will not transfer data. Passive FTP works ok from the gateway but not from a workstation on the inside. We were ipforwarding external smtp to an internal mail server but that doesn't work either. I have temporarily set up sendmail on the gateway to route the mail to the internal server, which does work.

The weird thing is that I can ping hosts across the gateway with varying packet sizes, establish a telnet session with a pop server and even manually do a 'retr' but if I use a mail client it locks up and the pop server drops the connection.

The internal network is not using 'private' IPs but the customer owns the class c, it is behind NAT and the network is not advertised. I have also tried it with the firewall open but to no avail.

Here is the config:

FreeBSD 3.4-RELEASE

ppp.conf

adsl:
 set device PPPoE:rl1
 set mru 1492
 set mtu 1492
 set authname xxxxxxxx
 set authkey xxxxxxxxx
 set speed sync
 enable lqr
 set cd 5
 set dial
 set login
 set redial 0 0
 set ifaddr 0/0 0/0
 add default HISADDR
 nat enable yes
 #nat port tcp 203.34.150.3:25 25
 nat port tcp 203.34.150.3:80 8000
 nat port tcp 203.34.150.2:80 80
 nat port tcp 203.34.150.5:80 8080
 nat port tcp 203.34.150.5:81 8001
 nat port tcp 203.34.150.5:13000 13000
 nat port tcp 203.34.150.5:13001 13001
 nat port tcp 203.34.150.5:13999 13999

ifconfig

rl0: flags=8843 mtu 1500
        inet 203.34.150.1 netmask 0xffffff00 broadcast 203.34.150.255
        ether 00:60:67:06:94:0b
        media: autoselect (100baseTX )
        supported media: autoselect 100baseTX 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 10baseT/UTP
rl1: flags=8843 mtu 1500
        inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
        ether 00:60:67:79:61:c2
        media: autoselect
        supported media: autoselect 100baseTX 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP 10baseT/UTP
tun0: flags=8051 mtu 1492
        inet xxx.xxx.xxx.xxx --> yyy.yyy.yyy.yyy netmask 0xffffff00

Anybody got any ideas - 'cause I have run out.

Thanks
Rob.