Message-ID: <478F64CF.7000603@shopzeus.com>
Date: Thu, 17 Jan 2008 15:23:11 +0100
From: Laszlo Nagy
To: freebsd-questions@freebsd.org
Subject: routing question

Hi,

I have this configuration:

Internet -----> [Hw Router] ---- (LAN1: 192.168.2.0/24) -----> [ 192.168.2.138 GatewayComp 192.168.0.1 ] ------ (LAN2: 192.168.0.0/24)

I would like to access a computer from LAN1 to LAN2.

LAN1 machine is:

FreeBSD office1adsl.dyndns.org 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007 root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386

office1adsl# ifconfig
fxp0: flags=8843 mtu 1500
        options=8
        inet 192.168.2.114 netmask 0xffffff00 broadcast 192.168.2.255
        ether 00:50:8b:f7:30:24
        media: Ethernet autoselect (100baseTX )
        status: active
plip0: flags=108810 mtu 1500
lo0: flags=8049 mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
office1adsl# netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.2.1        UGS         0  1262107   fxp0
127.0.0.1          127.0.0.1          UH          0   127122    lo0
192.168.0          192.168.2.138      UGS         0        4   fxp0
192.168.2          link#1             UC          0        0   fxp0
192.168.2.1        00:13:f7:26:42:69  UHLW        2      108   fxp0   1188
192.168.2.138      00:50:fc:8c:f6:62  UHLW        2     1469   fxp0    143
192.168.2.255      ff:ff:ff:ff:ff:ff  UHLWb       1    10044   fxp0

Internet6:
Destination        Gateway            Flags   Netif Expire
::1                ::1                UHL       lo0
fe80::%lo0/64      fe80::1%lo0        U         lo0
fe80::1%lo0        link#3             UHL       lo0
ff01:3::/32        fe80::1%lo0        UC        lo0
ff02::%lo0/32      fe80::1%lo0        UC        lo0
office1adsl# ipfw show
ipfw: getsockopt(IP_FW_GET): Protocol not available

GatewayComp machine is:

cassiopeia# uname -a
FreeBSD cassiopeia.ronet 6.2-RELEASE-p7 FreeBSD 6.2-RELEASE-p7 #5: Wed Aug 29 14:18:01 EDT 2007 gandalf@cassiopeia.ronet:/usr/obj/usr/src/sys/CASSIOPEIA i386
cassiopeia# ifconfig
myk0: flags=8843 mtu 1500
        options=2b
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
        ether 00:17:31:c3:d2:fe
        media: Ethernet autoselect (1000baseTX )
        status: active
rl0: flags=8843 mtu 1500
        options=8
        inet 192.168.2.138 netmask 0xffffff00 broadcast 192.168.2.255
        ether 00:50:fc:8c:f6:62
        media: Ethernet autoselect (100baseTX )
        status: active
lo0: flags=8049 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
cassiopeia# netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.2.1        UGS         0    16241    rl0
127.0.0.1          127.0.0.1          UH          0     4600    lo0
192.168.0          link#1             UC          0        0   myk0
192.168.0.121      00:02:a5:23:f3:d0  UHLW        1   153132   myk0    121
192.168.0.126      00:02:a5:e5:19:39  UHLW        1    94435   myk0    581
192.168.0.128      00:02:a5:c8:65:f8  UHLW        1   230797   myk0    130
192.168.0.130      00:02:a5:e0:e1:9c  UHLW        1   124633   myk0    306
192.168.0.131      00:02:a5:e0:c8:f4  UHLW        1   258495   myk0    165
192.168.0.132      00:02:a5:08:76:85  UHLW        1   161701   myk0    957
192.168.2          link#2             UC          0        0    rl0
192.168.2.1        00:13:f7:26:42:69  UHLW        2       30    rl0   1127
192.168.2.114      00:50:8b:f7:30:24  UHLW        2     1876    rl0     72
192.168.2.138      00:50:fc:8c:f6:62  UHLW        1       70    lo0
cassiopeia# grep gateway /etc/rc.conf
gateway_enable="YES"
cassiopeia# ipfw show
00001   29588   12691049 allow ip from any to any
00002       0          0 allow udp from any to any
00003       0          0 allow tcp from any to any
00100    9512     297448 allow ip from any to any via lo0
00200       0          0 deny ip from any to 127.0.0.0/8
00300       0          0 deny ip from 127.0.0.0/8 to any
65000 2172178 1136712828 allow ip from any to any
65535       1        330 deny ip from any to any
cassiopeia#

Now, here is what I try from LAN1 machine:

office1adsl# ping 192.168.0.132
PING 192.168.0.132 (192.168.0.132): 56 data bytes
^C
--- 192.168.0.132 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
office1adsl# telnet 192.168.0.132 5900
Trying 192.168.0.132...
^C

The same from the GatewayComp machine:

cassiopeia# ping 192.168.0.132
PING 192.168.0.132 (192.168.0.132): 56 data bytes
64 bytes from 192.168.0.132: icmp_seq=0 ttl=64 time=0.252 ms
64 bytes from 192.168.0.132: icmp_seq=1 ttl=64 time=0.259 ms
64 bytes from 192.168.0.132: icmp_seq=2 ttl=64 time=0.247 ms
^C
--- 192.168.0.132 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.247/0.253/0.259/0.005 ms
cassiopeia# telnet 192.168.0.132 5900
Trying 192.168.0.132...
Connected to 192.168.0.132.
Escape character is '^]'.
RFB 003.008
^C
^CConnection closed by foreign host.
cassiopeia#

Question: what is wrong with this config? What should I change if I want to access LAN2 from LAN1?

Thanks, Laszlo