NATD server problem on 5.3 ?

Kees Plonsz spam at jeremino.homeunix.net
Tue Apr 19 03:04:08 PDT 2005 

faisal gillani wrote on Tuesday 19 April 2005 10:08 in the group list.freebsd.questions:

> Well i recently installed my first natd server on
> freebsd 5.3, but its not working ?
> 
>  here is wat i did ..
> 
> 1. compiles kernal with the following options
> 
> options IPFIREWALL
> options IPV6FIREWALL
> options IPDIVERT
> 
> 2. made the following entries in rc.conf
> 
> defaultrouter="10.0.0.1"
> gateway_enable="YES"
> hostname="natserver"
> ifconfig_fxp0="inet 192.168.0.1  netmask
> 255.255.255.0"
> ifconfig_xl0="inet 10.0.0.5  netmask 255.255.255.0"
> firewall_enable="yes"
> natd_enable="yes"
> natd_interface="xl0"
> natd_flags="-f /etc/natd.conf"
> 
> 3. made the following entries in rc.firewall
> 
> 
> /sbin/ipfw -f flush
> /sbin/ipfw add allow all from any to any via fxp0
> /sbin/ipfw add allow icmp from  any to any out via xl0
> /sbin/ipfw add allow all from any to any via lo0
> /sbin/ipfw add divert natd ip from any to any via xl0
> /sbin/ipfw add allow ip from any to 10.0.0.5 in recv
> xl0
> /sbin/ipfw add allow ip from 10.0.0.5 to any out xmit
> xl0
> 
> 4. configure the windows clients as follows
> 
> ipaddress = 192.168.0.3
> subnet   = 255.255.255.0
> gateway  = 192.168.0.1
> dns server = 192.168.0.2 "dns server capable of
> resolving internet & local address"
> 
> this is all that i have done but still interet is not
> working on clients , what should i do now ?
> 
It seems all quite well. You can debug this kind of problems yourself.
On the natd-server you start:
# tcpdump -i xl0
Then you start on your window client: 
( any ip address wich responds to ping will do ) 
# ping  194.109.21.3 
Then you have to see on the natd-server:

11:57:21.777620 IP natd-server > xs2.xs4all.nl: icmp 64: echo request seq 0
11:57:21.785412 IP xs2.xs4all.nl > natd-server: icmp 64: echo reply seq 0

If it doesnot show anything, you can repeat this for your
fxp0 interface ( where the window client is connected i suppose )

>From the results you can conclude wich connection is (not) working




-- 
Key-ID = A6581435          E-mail address is valid

More information about the freebsd-questions mailing list