[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cable modem Firewall routing



Not sure where to start on this one.
1) What does `ipnat -l` say.
2) From the internal machines can you ping 192.168.0.2
3) From the firewall can you ping the internal machines
4) From the firewall can you ping the ISP default gateway


On Sun, Jan 28, 2001 at 03:07:35PM -0500, Jonathan Zuilkowski wrote:
> Before I begin, I have scoured the mailing list archives and the FAQ.
> 
> I'm trying to set up a firewall with openbsd v2.8 between my home network 
> and my static cable modem ip.
> 
> for my internal lan, I chose 192.168.0.0/24
> 
> My cable ip is 208.x.x.x
> 
> According to the FAQ I set up NAT as follows:
> 
> ep0 = 208.x.x.x/27
> ep1 = 192.168.0.2
> 
> map ep1 192.168.0.0/24 -> 208.x.x.x/32 portmap tcp/udp 10000:60000
> map ep1 192.168.0.0/24 -> 208.x.x.x/32
> 
> for my ipf.rules:
> 
> pass in from any to any
> pass out from any to any
> 
> On my client I set the defaultroute to 192.168.0.2
> 
> 
> To my knowledge, this minimal config should:
> 
> 1. all packets from the 192.168.0.0/24 with the default route of 192.168.0.2 
> will be sent to 192.168.0.2
> 
> 2. the ep1 address will intercept the packets, rewrite them with the source 
> address of 208.x.x.x and pass thwm to it's default router ( at the ISP)
> 
> 3. when the packets come in, they are rewritten with the internal address 
> for the destination, the forewarded.
> 
> 
> Please correct me if I'm wrong, but that's my basic understanding of how NAT 
> works.
> 
> Anyway, it doesn't work.
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
> 
> 

-- 
|
Public schools are just another form of welfare. Keep your kids out of the
welfare system!
AA4YU http://www.beekeeper.org http://www.q7.net 



Visit your host, monkey.org