From owner-freebsd-questions  Tue Oct 17 23:18:56 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2])
	by hub.freebsd.org (Postfix) with SMTP id 8502737B4E5
	for <freebsd-questions@FreeBSD.ORG>; Tue, 17 Oct 2000 23:18:54 -0700 (PDT)
Received: from GRAND-CENTRAL-STATION.MIT.EDU by MIT.EDU with SMTP
	id AA16238; Wed, 18 Oct 00 02:18:41 EDT
Received: from melbourne-city-street.MIT.EDU (MELBOURNE-CITY-STREET.MIT.EDU [18.69.0.45])
	by grand-central-station.MIT.EDU (8.9.2/8.9.2) with ESMTP id CAA25628
	for <freebsd-questions@FreeBSD.ORG>; Wed, 18 Oct 2000 02:18:52 -0400 (EDT)
Received: from biohazard-cafe.mit.edu (BIOHAZARD-CAFE.MIT.EDU [18.184.0.31])
	by melbourne-city-street.MIT.EDU (8.9.3/8.9.2) with ESMTP id CAA20981
	for <freebsd-questions@FreeBSD.ORG>; Wed, 18 Oct 2000 02:18:51 -0400 (EDT)
Received: (from slyph@localhost) by biohazard-cafe.mit.edu (8.9.3)
	id CAA04177; Wed, 18 Oct 2000 02:18:51 -0400 (EDT)
Message-Id: <200010180618.CAA04177@biohazard-cafe.mit.edu>
To: freebsd-questions@FreeBSD.ORG
Subject: Static NAT mappings on internal net
Date: Wed, 18 Oct 2000 02:18:51 -0400
From: Michael L Artz <slyph@MIT.EDU>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I have successfully set up natd and ipfw on my FreeBSD4.0 gateway box, using unrouteable addresses for my internal network.  I had a couple of extra IPs, so I set up a couple of static mapppings (using the -redirect_address flag to natd) to my internal machines.  Everything works fine from outside of the network, however when I try and access one of the statically mapped machines from inside the network by its "outside" ip, I end up trying to connect to the gateway, e.g. the gateway does not seem to perform nat translation on packets coming from the internal network.

To be a little more concrete, I am on a class-c network and have several IPs of the form 1.2.3.*.  I use 1.2.3.200 as the IP of the external interface on my FreeBSD box, and use 192.168.0.1 for the internal interface.  All of the internal machines then use addresses from the 192.168.0.* range.  I statically mapped 1.2.3.201 on the outside to 192.168.0.2 on the inside, by first aliasing 1.2.3.201 to my FreeBSD external interface, and then using the flag -redirect_address 192.168.0.2 1.2.3.201.  When I connect from the outside world to 1.2.3.201, I am successfully redirected to 192.168.0.2 on the inside of the network.  However, when I try and connect to 1.2.3.201 from inside the network, I get the FreeBSD gateway machine.

Is there any way around this problem, or should I solve this by setting up a decent DNS and not using IPs?

-Mike


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message