Nick Rogness wrote:
> On Fri, 5 Jan 2001, Sean wrote:
>
> > Hello. I'm having some problems setting up a multihomed machine and was
> > wondering if someone could point me in the right direction. I have a
> > FreeBSD box with 2 ethernet cards. One card, rl0, is connected to my
> > cable modem. The other card, rl1, is connected to a Win2000 box. The
> > goal is to have FreeBSD act as a firewall for the Win2000 machine. I
> > have set the IP address of the internal network card (rl1) to 10.0.0.1,
> > and I have the IP address of Win2000 set as 10.0.0.2, with a gateway of
> > 10.0.0.1. The problem I'm having is, I can't get Win2000 to do anything
> > to try and connect to FreeBSD, it won't even do a ping of the FreeBSD
> > machine. From FreeBSD, I can get on the internet, and ping Win2000,
> > but, Win2000 won't connect to anything. I've read quite a few howtos on
> > natd and setting up a firewall, but, I can't figure out why it's not
> > working. Just from looking at the Win2000 settings, it appears it's set
> > up right, so, I am wondering if I'm doing something wrong in FreeBSD.
> >
> > Below I've included the output from ifconfig -a, netstat -rn and netstat
> > -in. Any help would be greatly appreciated.
>
> Is gateway_enable turned on? Is firewalling turned on? If
> so, what do your rules look like? Is natd enabled?

In /etc/rc.conf I have gateway_enable="YES" and natd_enable="YES". For the firewalling, I recompiled the kernel with the following options:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT

From "ipfw list", I have the following rules in place:

00100 divert 8668 ip from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 allow ip from any to any

I tried resetting the internal network card's IP address to 10.0.0.3, per another suggestion, but that didn't have any effect.

In my natd configuration file, I have:

unregistered_only
log yes
use_sockets yes
same_ports yes

> Nick Rogness
> - Drive defensively. Buy a tank.
-- Sean Chisek [EMAIL PROTECTED]
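
Added example, not part of the original messages: a small Python audit of the `ipfw list` output quoted above, showing which rules can actually drop traffic under ipfw's first-match processing. The parser handles only the rule forms that appear in this thread, and the function names are illustrative.

```python
import re

# `ipfw list` output as quoted in the message above.
IPFW_LIST = """\
00100 divert 8668 ip from any to any via rl0
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65000 allow ip from any to any
65535 allow ip from any to any
"""

# Covers only the rule forms that appear in this thread (a simplification).
RULE_RE = re.compile(
    r"^(?P<num>\d{5})\s+(?P<action>allow|deny|divert)(?:\s+(?P<port>\d+))?"
    r"\s+(?P<proto>\S+)\s+from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)"
    r"(?:\s+via\s+(?P<iface>\S+))?$"
)

def parse_rules(text):
    rules = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = RULE_RE.match(line.strip())
        if m is None:
            raise ValueError(f"unsupported rule form: {line!r}")
        rules.append(m.groupdict())
    return rules

def is_catch_all(rule):
    """True for a terminal rule matching every packet on every interface."""
    return (rule["action"] in ("allow", "deny") and rule["proto"] in ("ip", "all")
            and rule["src"] == "any" and rule["dst"] == "any" and rule["iface"] is None)

def audit(rules):
    # allow/deny stop rule processing at the first match, so the first
    # catch-all decides the fate of everything not matched earlier.
    idx = next((i for i, r in enumerate(rules) if is_catch_all(r)), len(rules))
    reachable, shadowed = rules[:idx + 1], rules[idx + 1:]
    return {
        "default_open": idx < len(rules) and rules[idx]["action"] == "allow",
        "effective_denies": [r["num"] for r in reachable if r["action"] == "deny"],
        "divert_reachable": any(r["action"] == "divert" for r in reachable),
        "shadowed": [r["num"] for r in shadowed],
    }

if __name__ == "__main__":
    for key, value in audit(parse_rules(IPFW_LIST)).items():
        print(f"{key}: {value}")
```

For the quoted ruleset the only reachable deny is the loopback rule 00200, so everything else falls through to the catch-all allow at 65000.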