On June 21, 2017 6:01:10 PM GMT+02:00, Josh Grosse <j...@jggimi.net> wrote: >On 2017-06-21 11:36, lu jian wrote: >> Hi >> >> I have an i386 machine with two network interfaces, one of which >> connect to the uplink ISP via pppoe, the other connects to the WAN >> port of a wireless router to which all LAN machines and cell phones >> connect (via wifi). >> >> The problem is that this i386 machine (which I intend as a firewall) >> can access the internet, but all LAN machines cannot. >> >> Hint: my wireless router can obtain dhcp address from the i386 >machine. >> >> These two network interfaces on the i386 are bge0 and fxp0. >> >> 1) Configuration for fxp0: >> # cat /etc/hostname.fxp0 >> up >> # cat /etc/hostname.pppoe0 >> inet 0.0.0.0 255.255.255.255 NONE \ >> pppoedev fxp0 authproto chap \ >> authname 'account' authkey '123' up >> dest 0.0.0.1 >> >> !/sbin/route add default -if pppoe0 0.0.0.1 >> >> 2) Configuration for bge0: >> # cat /etc/hostname.bge0 >> inet 192.168.0.1 255.255.255.0 192.168.0.255 > >This is a subnet within RFC 1918 - a private network, not >directly routea-able on the Internet. > >You must add Network Address Translation (NAT) to your PF configuration > >in order >to access the Internet from that subnet. > >See the NAT section of the PF User's Guide. > >http://www.openbsd.org/faq/pf/nat.html
That, and we didn't see the dhcpd.conf. /Alexander
