I just tried this, but unfortunately, the same thing happens as with ipfilter:configure port with SNMP-server as 192.168.0.17/30 for example instead 192.168.2.1/24, and sysctl net.link.ether.inet.proxyall=1
and configure SNMP-server as 192.168.0.18/24
If you can change mask of SNMP-server, you can use 192.168.0/24 and 192.168.1/24 on gateway and 192.168.0/25 on SNMP-server.
No NAT is needed.
The primary address of the interface ed0 on the gateway (the public adress) is used to forward the arp request.
Taken from a dump on the gateay, when attempting telnet:
Incoming on rl0:
03:35:05.867883 192.168.0.2.1511 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]
Outgoing on ed0:
03:35:05.868333 195.0.0.1.15009 > 192.168.2.2.23: S 1377718084:1377718084(0) win 57344 <mss 1460> (DF) [tos 0x10]
Since 195.0.0.1 (obviously obfuscated) does not fall within the subnet the 192.168.2.2 box is on, there will never be a reply from the 192.168.2.2 box.
ARP proxying goes fine, on the WWW box, I can see the proxied reply coming from my gateway for the 192.168.1.1 address .....
Can anyone tell me, how I can make the box use the secondary address (alias) automatically for forwarding the telnet session?
Could it be that since the gateway is running many-to-one NAT as well, this is conflicting ?
Greetings,
Nils.
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
