Date: Tue, 04 Jan 2000 11:14:53 -0500
From: "James A. Mutter" <jmutter@commercialmovers.com>
To: freebsd-questions@freebsd.org
Subject: Need some help with NAT
Message-ID: <38721C7D.98FB7588@commercialmovers.com>

I seem to be having a brain fart here getting NAT set up - I'm looking
for some help.

We're implementing NAT on the BSD box because it's breaking our Ascend
P130 - so I don't need to do firewalling or packet filtering (yet). I'd
like to get this all up and running using the 'ipfilter' package so that
implementing a firewall will be easy later on down the road.

Here's what I've got so far:

Kernel Options:
    IPFIREWALL
    IPFIREWALL_DEFAULT_TO_ACCEPT
    IPDIVERT
    IPFILTER
    IPSTEALTH (We'll use this later)
    TCP_DROP_SYNFIN (Again, we'll use this later)
    TCP_RESTRICT_RST (We'll use this later also)
    "ICMP_BANDLIM"

In rc.conf we've got this:
    gateway_enable="YES"

In rc.local we've got the following entries:
    /sbin/ipf -Fa -f /etc/ipf.rules -E
    /sbin/ipnat -CF -f /etc/ipnat.rules

Finally, we've tried 2 different NIC combos -

1st try was 2 NICs, 2 IPs, both plugged into the same LAN - that didn't
work very well.

2nd try was 1 NIC:
    pn0=192.196.1.1
    pn0:1=204.XXX.XXX.XXX
That doesn't seem to be working either.

As soon as I activate the 'ipnat' rules the machine becomes
inaccessible. However, pings from another machine on the network reveal
something interesting (when ipnat is enabled): pings are sent to the
internal interface and returned by the external interface.

Any ideas here?

Thanks again,
Jim
