> Am Montag, 9. Mai 2005 22:29 schrieb Денис Медведев: >> Hello, everybody! >> >> I've just installed freeBSD 5.3 on my old computer to make it NAT >> router for internet sharing. The example is classical: two machines in >> my internal network and one IP from provider. Except one moment - my >> internet connection is established through PPPoE. So my unix has 3 >> network interfaces: >> rl0 - provider's network 10.10.54.107/16 >> tun0 - pppoe (through rl0 of course). Here my IP is 192.168.54.107 >> rl1 - my internal network 172.16.0.1/24 (do not laugh i've made it >> for difference) >> >> NAT has alias address 192.168.54.107, and internet connection works >> perfectly. BUT there are a lot of resources in 10.10.54.107/16 >> network I can't get access from my internal machines. I think address >> translation to 10.10.54.107 could help. Or not? Maybe it is possible >> to launch second NATd for this interface?
> Hmm, I don't know if I understood correctly but you don't need to NAT if > you want to route from 172.16.0/24 to 10.10/16. Just NAT anything on tun0 > from !192.168.54.107 to any. (And make sure gateway_enable="YES", resp. > net.inet.ip.forwarding=1) > You don't tell us whether you use IPFW, IPF or PF, but at least for the > latter two you could define more than one NAT rule! > -Harry I use IPFW, and the rules are the following: divert nat ip from {172.16.0.5 or 172.16.0.7} to any out via tun0 divert nat ip from any to any in via tun0 allow ip from {172.16.0.5 or 172.16.0.7} to any in via rl1 keep-state allow ip from 192.168.54.107 to any out via tun0 keep-state deny ip from any to any Generally, i want 172.16.0.7 to see MS windows network (10.10/16) as a client. WBR Denis mailto:[EMAIL PROTECTED] _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"