HOWTO Ping LAN???
- Subject: HOWTO Ping LAN???
- From: hzs202 at nyu.edu (Hakim Z. Singhji)
- Date: Fri Aug 20 01:27:36 2004
Thank you for your replies gentlemen, this post is a bit old, I have
already built my FreeBSD NAT box and configured IPFW...I am currently
building a new kernel configuration for the machine to include IPDIVERT,
IPFIREWALL and a few other system specific modifications.
If I have any questions concerning this issue, I will include you both
(Eric, Rich) in the list. Thanks
Eric Crist wrote:
| SEE BOTTOM
|>[mailto:owner-freebsd-questions_(_at_)_freebsd_(_dot_)_org] On Behalf Of
|>Sent: Thursday, August 19, 2004 11:46 PM
|>To: 'Hakim Singhji'; 'Hakim Z. Singhji'; 'MatthewSeaman'
|>Cc: 'Bill Moran'; freebsd-questions_(_at_)_freebsd_(_dot_)_org
|>Subject: RE: HOWTO Ping LAN???
|>What you are trying to do is possible in two ways:
|>1. SSH to the box, and tunnel to other internal machines
|>according to the tunnels you have set up. (See the last email
|>I sent). 2. Port forward connections from the Internet "thru"
|>the BSD to internal machines.
|>Check these links: http://www.rootprompt.net/freebsd_firewall.html
|>From: Hakim Singhji [mailto:Hakim_(_dot_)_Singhji_(_at_)_nychhc_(_dot_)_org]
|>Sent: Thursday, July 29, 2004 10:27 AM
|>To: Hakim Z. Singhji; MatthewSeaman
|>Cc: Bill Moran; freebsd-questions_(_at_)_freebsd_(_dot_)_org
|>Subject: Re: HOWTO Ping LAN???
|>You say that the only way I will be able to connect to my
|>network is by tunneling.
|>This is not what I want to do, I thought I may be able to
|>SSH, Telnet, www, etc.
|>from the outside to my default gateway and have the gateway
|>pass SSH, Telnet,
|>www., or any other request to the machine on the private
|>network by including the
|>"localhost.defaultgateway.domain.org" or something to that effect.
|>Does NAT Overloading only go one way???
|>Hakim Z. Singhji
|>Coordinating Mgr. / Infection Control
|>>>>Matthew Seaman <m_(_dot_)_seaman_(_at_)_infracaninophile_(_dot_)_co_(_dot_)_uk>
|>On Thu, Jul 29, 2004 at 01:40:02AM -0400, Hakim Z. Singhji wrote:
|>>* Internet *
|>>* Default GW * __ __ *Kids Machine*
|>>*220.127.116.11 * *18.104.22.168 *
|>>FreeBSD 4.10 * * Mandrake 10*
|>>*Redhat 9 *
|>>This is a rough diagram of the network... I would like to
|>>etc. the machines behind the default gateway directly (without
|>>tunneling) from the outside the network (at work for
|>example). Is this
|>>possible and if so how do I config. Keep in mind that my default
|>>gateway is FreeBSD. I know this may be a complicated project but if
|>>you could help that would help me greatly. Many thanks to
|>I'm afraid that's not going to be possible with your current
|>network layout. If you want all of your machines to be
|>accessible from the Internet, then you'll need routable
|>addresses on all of your machines.
|>I know you've said you don't want to use tunnelling, but
|>unfortunately, that's the only way you can access a private
|>address space as you have from outside it. A relatively
|>simple way of doing that is to ssh into your gateway box, and
|>use the '-L' or '-R' portforwarding options to create a
|>tunnel to one of the internal machines, and then ssh or
|>otherwise connect through that tunnel: see eg.
| One other point: you're going to have problems if you're using
| 192.168.0.0 as the IP number on your FreeBSD machine. That's the
| *network* address, and shouldn't be applied directly to any specific
| machine. If you're running your internal network using 192.168.0.0/24 as
| the address space, then you have 254 addresses (from 192.168.0.1 to
| 192.168.0.254) to use for client machines, since 192.168.0.0 (network
| address) and 192.168.0.255 (broadcast address) are reserved as part of
| the networking setup.
| Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
| Savill Way
| PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
| Tel: +44 1628 476614 Bucks., SL7 1TH UK
| There is one real solution to this here.
| You could set up a DMZ to your Default Gateway. If this is a Linksys
| Broadband Gateway, it's as simple as checking a box and typing in the
| private IP address. This routes all incoming (non-stateful)
| connections to this host. Since your IP changes, use a dynamic DNS
| service such as no-ip.org(sp?) or tzo.com. I've used TZO.com,
| personally, then I just got DSL with a /29 static IP address allocation.
| This should work without issue, unless your DMZ firewall rules prevent
| it. I would need more information to let you know.
| Eric F Crist
| Best Access Systems
| 11300 Rupp Dr. Burnsville, MN 55337
| Phone: 952.894.3830
| Cell: 612.998.3588
| Fax: 952-894-1990
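The port-forwarding option and the network/broadcast address caveat from the thread, combined in an added example that is not part of any poster's message: it emits `natd.conf` `redirect_port` lines only for targets that are usable host addresses on the LAN, so each forward exposes one named port rather than a whole machine. It assumes the gateway does NAT with natd(8) behind the ipfw divert rule; the hosts, ports and function names are constructed for illustration, and port numbers are not validated.

```sh
#!/bin/sh
# Added example; the LAN, hosts and ports below are constructed sample values.

# Convert a dotted-quad IPv4 address to an integer; fail on malformed input.
ip_to_int() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|????*|0?*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Classify address $1 within LAN $2/$3 (prefix 1..30); prints one of
# network, broadcast, host, outside, invalid.
classify() {
    case $3 in ''|0*|*[!0-9]*) echo invalid; return 1 ;; esac
    { [ "$3" -le 30 ] && addr=$(ip_to_int "$1") && net=$(ip_to_int "$2"); } ||
        { echo invalid; return 1; }
    mask=$(( (4294967295 << (32 - $3)) & 4294967295 ))
    net=$(( net & mask ))
    bcast=$(( net | (~mask & 4294967295) ))
    if   [ $(( addr & mask )) -ne "$net" ]; then echo outside
    elif [ "$addr" -eq "$net" ];   then echo network
    elif [ "$addr" -eq "$bcast" ]; then echo broadcast
    else echo host
    fi
}

# Print a natd.conf line forwarding public TCP port $2 to $1:$3, but only
# when $1 is a usable host address on the LAN; otherwise explain and fail.
redirect_line() {
    kind=$(classify "$1" "$LAN_NET" "$LAN_PREFIX") || :
    if [ "$kind" = host ]; then echo "redirect_port tcp $1:$3 $2"
    else echo "# skipped $1: $kind address"; return 1
    fi
}

LAN_NET=192.168.0.0 LAN_PREFIX=24   # the /24 discussed in the thread
while read -r target pub_port int_port; do
    redirect_line "$target" "$pub_port" "$int_port" || :
done <<EOF
192.168.0.2 2222 22
192.168.0.0 8080 80
192.168.0.255 8081 80
EOF
```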