[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cable Modem/NAT Problem

To: "'Charles Barthmann'" <cbarthmann_(_at_)_mac_(_dot_)_com>, <misc_(_at_)_openbsd_(_dot_)_org>
Subject: Re: Cable Modem/NAT Problem
From: "Michael Erdely" <mike_(_at_)_erdelynet_(_dot_)_com>
Date: Mon, 18 Feb 2002 00:30:38 -0500

Uncomment the following line in /etc/sysctl.conf:
#net.inet.ip.forwarding=1

Then, run:
sysctl -w net.inet.ip.forwarding=1

That _SHOULD_ do it.

-ME

-----Original Message-----
From: owner-misc_(_at_)_openbsd_(_dot_)_org [mailto:owner-misc_(_at_)_openbsd_(_dot_)_org] On Behalf
Of Charles Barthmann
Sent: Monday, February 18, 2002 12:03 AM
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Cable Modem/NAT Problem


Hi Everybody!


(Hello Dr. Nick.  8-) )

A seemingly simple problem.  I wish to use OpenBSD as a pf/NAT router
for my
cable connection coming through @Home.  I know that I can successfully
SSH
into the box on the internal interface, and using the SSH connection,
can
use the lynx web browser to go out the external interface, so both cards
are
OK, and are set-up.  However, when I read in the nat.conf that follows
with
pfctl, I cannot access the public internet from the private network.

ASCII Diagram:


                     DHCP_
                          |
                         \ /
    -------------       -----      -----     -----
    |Cable Modem| ----> |dc0|----> |NAT|---> |dc1| <- IP: 10.0.0.1
    -------------       -----      -----     -----    SM: 255.0.0.0
                                                |
     IP: 10.0.0.10 SM: 255.0.0.0                |
       |     -------         -------------      |
        ---> |PM G4|  <----  |5portswitch| <----
             -------         -------------

I have looked through the recent archives as well as on several
websites,
and what I have for my nat.conf seems to agree with the information
contained there.

The NAT box itself is a Compaq DeskPro 2000, it's not mentioned in the
dmesg
(which follows), and I don't know if it matters in this case.

Connecting from the inside currently, is a G4 running OS X.  I've read
that
the router/gateway setting has to be set to the address of the internal
interface on the NAT box.  And that's how it's set-up now.


Your help is most appreciated, as this problem is driving me up the
wall.
Admittedly, I'm still very new to *NIX/BSD and TCP/IP in general, but
I'm
working on it!  8-)

Thanks in advance,

Charles

pf.conf, nat.conf and shortened dmesg follow:

pf.conf:

# pass all packets in and out (these are the implicit last two rules)
pass in all
pass out all

nat.conf: 
# NAT internal IP addresses of range 10.0.0.0/24 to
# an external routable IP on the dc0 interface
nat on dc0 from 10.0.0.0/24 to any -> dc0

dmesg:

OpenBSD 3.0 (GENERIC) #94: Thu Oct 18 14:48:27 MDT 2001
    deraadt_(_at_)_i386_(_dot_)_openbsd_(_dot_)_org:/usr/src/sys/arch/i386/compile/GENERIC
(snip.)
dc0 at pci0 dev 2 function 0 "Davicom Technologies DM9102" rev 0x31: irq
11
address xx:xx:xx:xx:xx:xx (Removed by me.)
ukphy0 at dc0 phy 1: Generic IEEE 802.3u media interface
ukphy0: OUI 0x00606e, model 0x0004, rev. 0
dc1 at pci0 dev 3 function 0 "Davicom Technologies DM9102" rev 0x31: irq
11
address xx:xx:xx:xx:xx:xx (Removed by me.)
ukphy1 at dc1 phy 1: Generic IEEE 802.3u media interface
ukphy1: OUI 0x00606e, model 0x0004, rev. 0
(snip.)

Prev by Date: nat.conf and internal webserver
Next by Date: Need help with ntpd
Previous by thread: nat.conf and internal webserver
Next by thread: Need help with ntpd
Index(es):
- Date
- Thread

Visit your host, monkey.org