public ip address behind nat
Chris Dionissopoulos
dionch at freemail.gr
Wed Jan 26 10:38:24 PST 2005
1. Dont add any alias to rl1, just keep 192.168.0.254/24
2. Delete all ip/masks of app.example.com.
3. Add 193.231.43.26/32 as ip/mask to app.example.com
4. Do a "route add 192.168.0.254/32 -interface ($nic) -cloning
on app.example.com
5. and "route add default 192.168.0.254" on app.example.com
6. Delete all ip/masks on rl0 only, of nat.example.com
7. Add 193.231.43.33/32 as ip/mask to nat.example.com (rl0).
8. Do a "route add nat_gateway/32 -interface rl0 -cloning" on
nat.example.com
9. and "route add default nat_gateway" on nat.example.com
10. and "route add 193.231.43.26/32 -interface rl1 -cloning" on
nat.example.com
worked?
Chris.
> Hi all,
>
> Here is what i have done so far.
>
> i worked only on the nat.ex.com
>
> internet
> |
> |
> ________rl0(193.23143.33)________
> | |
> | nat.example.com |
> | |
> |_______rl1(192.168.0.254)________|
> |
> _____|______
> |___________| switch
> | |
> -------------------------------| |----------------------|
> LAN _xl0(193.231.43.26)
> |
> |
> |
> app.example.com |
> |
> ________________|
>
>
>
> OK,
> So I created on nat.example.com on rl1 a virtual interface
> ifconfig rl1 alias 193.231.43.25 255.255.255.248
> After that i created a route for this new interface
> route add 193.231.43.25 193.231.43.33 -iface
>
> So now i can ping rl1 rl0 & internet from the app.example.com but i cannot
> access this machine from the internet.
>
> Any thoughts on that ??
>
> rgds
>
> Mihai
>
>
>
>
>
>
>
> "Thomas M. Skeren III" <tms3 at fskklaw.com> wrote:
> Brian Reichert wrote:
>
> On Mon, Jan 24, 2005 at 03:21:19PM -0800, Mihai Nitulescu wrote:
>
> In the LAN i have the other machine application.example.comI have some
> Public IP`s from my ISP : 193.231.43.25-30 255.255.255.248 I want to
> assign to application.example.com 193.231.43.27 and to route this ip
> trough nat.example.com Any ideea how can i do that ?
> I'm having problems with your setup. Is Application.example.com at
> 193.531.43.27 or is it on the lan with an internal address?
>
> If it's internal, then machines on the lan can see the internal IP, so
> there's no reason for it to have a public address. If machines outside
> the lan need to get to app.ex.com, then use natd_flags in rc.conf and
> point the ports you need opened on app to the local addy of app, and use
> the NAT's external addy for the external users of app. That would be the
> easiest way if you don't want to give an external addy to app.
>
> Of course the easiest way is to just give app an external addy and plug it
> into the ISP supplied router. Unless app is a M$ box, of course.
> See 'redirect_address' in natd(8).I believe you'll also need to assign
> your public IPs to the externalinterface of your NAT box.I have a similar
> setup, but I need to review just what I've doneto make that work...
>
> Please help. Regards, Mihai
>
>
>
>
>
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Search presents - Jib Jab's 'Second Term'
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
____________________________________________________________________
http://www.freemail.gr - äùñåÜí õðçñåóßá çëåêôñïíéêïý ôá÷õäñïìåßïõ.
http://www.freemail.gr - free email service for the Greek-speaking.
More information about the freebsd-net
mailing list