IpNat and 3 NIC

fbsd_user fbsd_user at a1poweruser.com
Thu Jan 12 10:53:46 PST 2006 

answer is that is the syntax of the ipnat rules.
read the handbook its all there.
vr0 is the interface faceing the public internet just like syntax
requires

-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of cedric
Gross
Sent: Thursday, January 12, 2006 10:54 AM
To: fbsd_user at a1poweruser.com; freebsd-questions at freebsd.org
Subject: RE: IpNat and 3 NIC


Thanks you, it's working !

But why using vr0 instead of vr1 for map instruction ? Network
192.168.0.32/27 is attach to  vr1 not vr0 ...

Is it an IPNat mystery or have you an answer ?

> -----Message d'origine-----
> De : owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org] De la part de
fbsd_user
> Envoyé : jeudi 12 janvier 2006 16:43
> À : cedric Gross; freebsd-questions at freebsd.org
> Objet : RE: IpNat and 3 NIC
>
> You have ipnat statements wrong.  should be liked this
>
> map vr0 10.0.0.0/8 -> 0.32 proxy port ftp ftp/tcp
> map vr0 10.0.0.0/8 -> 0.32 portmap tcp/udp 20000:60000
> map vr0 10.0.0.0/8 -> 0.32
> map vr0 192.168.0.0/30 -> 0.32 portmap tcp/udp auto
> map vr0 192.168.0.32/27 -> 0.32 portmap tcp/udp auto
> map vr0 192.168.0.32/27 -> 0.32
> map vr0 192.168.0.96/27 -> 0.32 portmap tcp/udp auto
> map vr0 192.168.0.96/27 -> 0.32
> rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp
> rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp
> rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp
>
> Note map vr1 has been changed to vr0
>
> If your public IP 84.96.23.106 is not dedicated to you by your
ISP,
> then you should not be hard coding it in your IPnat rules.  Read
the
> Freebsd ipfilter documentation in the handbook for details.
>
> 0.32 = The IP address/netmask assigned by your ISP.
>        The special keyword 0.32 tells ipnat to get the current
> public
>        IP address of the interface specified on this statement and
>        substitute it for the 0.32 keyword.
>
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of cedric
> Gross
> Sent: Thursday, January 12, 2006 9:58 AM
> To: freebsd-questions at freebsd.org
> Subject: IpNat and 3 NIC
>
>
> Hello,
>
> I have my FreeBSD 5.4 box with 3 NIC :
>
> Xl0 LAN with network 10.0.0.0/8 and 192.168.0.0/30
> VR0 Wan 84.96.23.106/32
> VR1 LAN with network 192.168.0.32/27 and 192.168.0.96/27
>
> I use IPNAT and Ip filter.
>
> I'm doing NAT from Xl0 to Vr0, it's working fine
>
> I'm trying to do the same thing with vr1 to Vr0 but it's seems
that
> traffic
> coming from vr1 are not translated.
> Is there a interface limitation with IPNAT ?
>
> Is there a way to do translation from both NIC ?
>
> Here is my ipnat.conf :
> map vr0 10.0.0.0/8 -> 84.96.23.106/32 proxy port ftp ftp/tcp
> map vr0 10.0.0.0/8 -> 84.96.23.106/32 portmap tcp/udp 20000:60000
> map vr0 10.0.0.0/8 -> 84.96.23.106/32
> map vr0 192.168.0.0/30 -> 84.96.23.106/32 portmap tcp/udp auto
> map vr1 192.168.0.32/27 -> 84.96.23.106/32 portmap tcp/udp auto
> map vr1 192.168.0.32/27 -> 84.96.23.106/32
> map vr1 192.168.0.96/27 -> 84.96.23.106/32 portmap tcp/udp auto
> map vr1 192.168.0.96/27 -> 84.96.23.106/32
> rdr xl0 0.0.0.0/0 port 80 -> 10.0.0.254 port 3128 tcp
> rdr vr1 192.168.0.32/27 port 80 -> 10.0.0.254 port 3128 tcp
> rdr vr1 192.168.0.96/27 port 80 -> 10.0.0.254 port 3128 tcp
>
> Thanks for help.
> Cedric
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>


_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list