ipnat question:

Zhelyazko Georgiev jeliazkoge at yahoo.com
Sat Oct 30 17:25:57 PDT 2004


Hello,
I'm connected to the Internet through a LAN, and I have a router
running FreeBSD 5.2. I have several Windows boxes in
my internal network. I want to be able to access the
remote desktop from outside on one of the Windows
boxes. For that reason I'm using IPfirewall and ipnat.
Attached are my rc.conf, ipf.rules and ipnat.rules.
The router is working fine except I cannot get it to
forward ports, like I did on my Linux box. The IPs of
my internal network are 192.168.1.0/24, the external
IP is 84.21.192.150.
Please tell me what I'm doing wrong. Thank you very
much in advance.

Zhelyazko.


		
-------------- next part --------------
block in all
block out all
pass in quick on lo0
pass out quick on lo0
pass in quick on rl1 from 192.168.1.0/24 to any
pass out quick on rl1 from any to 192.168.1.0/24
pass out on rl0 proto tcp from any to any flags S keep state keep frags
pass out on rl0 proto udp from any to any keep state
pass out on rl0 proto icmp from any to any icmp-type 8 keep state
pass out on rl0 proto gre from any to any keep state
#
#Allow SSH access
pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 22 keep state
#
#Allow ping requests
pass in on rl0 proto icmp from any to 84.21.192.150 keep state
#
#Allow connection on port 3389 for internal Windows RTD
pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 3389 keep state
-------------- next part --------------
ipnat.rules :

map rl0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto
map rl0 192.168.1.0/24 -> 0/32
rdr rl0 0.0.0.0/32 port 3389 -> 192.168.1.2 port 3389 tcp/udp
-------------- next part --------------
defaultrouter="84.21.192.1"
gateway_enable="YES"
hostname="ironhost.server.com"
#ipsec_enable="YES"
#enable_firewall="YES"
#firewall_type="OPEN"
#firewall_quiet="YES"
ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
ipnat_enable="YES"
#natd_enable="YES"
#natd_interface="rl0"
#natd_flags="-f /etc/natd.rules"
sendmail_enable="NONE"
fsck_y_enable="YES"
syslogd_enable="NO"
#inetd_enable="YES"
ifconfig_rl0="inet 84.21.192.150  netmask 255.255.255.0"
ifconfig_rl1="inet 192.168.1.1  netmask 255.255.0.0"
linux_enable="YES"
moused_enable="YES"
sshd_enable="YES"
usbd_enable="NO"
# This file now contains just the overrides from /etc/defaults/rc.conf.
# Please make all changes to this file, not to /etc/defaults/rc.conf.

# Enable network daemons for user convenience.
# Created: Fri Feb  4 09:25:44 2000
# -- sysinstall generated deltas -- # Fri Feb  4 09:25:44 2000
ifconfig_rl0="inet 84.21.192.150  netmask 255.255.255.0"
ifconfig_rl1="inet 192.168.1.1  netmask 255.255.0.0"
defaultrouter="84.21.192.1"
hostname="ironhost.server.com"
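
Added example, not part of the original post or its attachments: IPFilter applies ipnat translation to inbound packets before the ipf rules are evaluated, so a `pass in` rule has to match the translated (post-rdr) destination. The Python sketch below checks each `rdr` target against the inbound pass rules; the function names and the simplified rule grammar it parses are assumptions made for this illustration.

```python
import ipaddress
import re

# Constructed input: the inbound pass rules and the rdr rule from the post.
IPF_RULES = """\
pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 22 keep state
pass in on rl0 proto icmp from any to 84.21.192.150 keep state
pass in on rl0 proto tcp/udp from any to 84.21.192.150 port = 3389 keep state
"""
IPNAT_RULES = "rdr rl0 0.0.0.0/32 port 3389 -> 192.168.1.2 port 3389 tcp/udp\n"

# Simplified grammar (assumption): only the rule shapes used in the post.
RDR = re.compile(r"^rdr\s+(\S+)\s+\S+\s+port\s+\d+\s+->\s+(\S+)\s+port\s+(\d+)\s+(\S+)")
PASS_IN = re.compile(r"^pass\s+in\s+(?:quick\s+)?on\s+(\S+)(?:\s+proto\s+(\S+))?"
                     r"\s+from\s+\S+\s+to\s+(\S+)(?:\s+port\s*=\s*(\d+))?")

def parse_rdr(text):
    """Yield (iface, target_ip, target_port, protocols) per rdr rule."""
    for line in text.splitlines():
        m = RDR.match(line.strip())
        if m:
            yield (m.group(1), ipaddress.ip_address(m.group(2)),
                   int(m.group(3)), set(m.group(4).split("/")))

def parse_pass_in(text):
    """Yield (iface, protocols|None, dst_network|None for 'any', port|None)."""
    for line in text.splitlines():
        m = PASS_IN.match(line.strip())
        if m:
            protos = set(m.group(2).split("/")) if m.group(2) else None
            dst = (None if m.group(3) == "any"
                   else ipaddress.ip_network(m.group(3), strict=False))
            yield m.group(1), protos, dst, int(m.group(4)) if m.group(4) else None

def unmatched_redirects(ipf_text, ipnat_text):
    """Return rdr targets that no pass-in rule on the same interface admits
    when compared against the translated destination address and port."""
    rules = list(parse_pass_in(ipf_text))
    missing = []
    for iface, ip, port, protos in parse_rdr(ipnat_text):
        admitted = any(r_if == iface
                       and (r_protos is None or r_protos & protos)
                       and (dst is None or ip in dst)
                       and (r_port is None or r_port == port)
                       for r_if, r_protos, dst, r_port in rules)
        if not admitted:
            missing.append((iface, str(ip), port))
    return missing

if __name__ == "__main__":
    for iface, ip, port in unmatched_redirects(IPF_RULES, IPNAT_RULES):
        print(f"no 'pass in on {iface}' rule matches translated dst {ip} port {port}")
```
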


More information about the freebsd-questions mailing list