Hello Karan, I have RealVNC going through a number of BSD firewalls/gatways. Most of my BSD boxes are 4.9 or 4.10. I'm using ipfilter as my firewall. Here is what I do: in ipnat.rules rdr xl0 xxx.xxx.xxx.xxx/32 port 5800 -> 192.168.0.12 <http://192.168.0.12>port 5800 rdr xl0 xxx.xxx.xxx.xxx/32 port 5900 -> 192.168.0.12 <http://192.168.0.12>port 5900 in ipf.rules pass in quick on xl0 proto tcp from any to any port = 5800 flags S keep state keep frags pass in quick on xl0 proto tcp from any to any port = 5900 flags S keep state keep frags These are the only lines that I use to connect to internal machines on VNC through my firewall. Let me know how this works for you. Calvin Lane [EMAIL PROTECTED]
On 5/9/05, Karan Gupta <[EMAIL PROTECTED]> wrote: > > Need help..have gone through google/docs but am still confused. > Im running, > > FreeBSD aaa.bbb.com <http://aaa.bbb.com> 4.9-RELEASE FreeBSD 4.9-RELEASE#4: > aaa.bbb.com:/usr/src/sys/compile/GENERIC i386 > > its acting as a router running NAT, IPFW and DHCP > > INTERNET<------>fBSD<------>x.x.x.x(win2k machine running RealVNC server > on the local network, it has a static IP) > > a.a.a.a: is the ext_ip_fbsd > x.x.x.1: is the int_ip_fsd > x.x.x.x: Win2k on the local network running RealVNC server > > I want to connect to the win2k machine from the internet. > i have natd.conf with > same_port yes > redirect_port tcp x.x.x.x:5800-5900 a.a.a.a:5800-5900 > redirect_port udp x.x.x.x:5800-5900 a.a.a.a:5800-5900 > > ###ipfw with##### > ipfw -f flush > ##### rl0 is the ext interface ##### > /sbin/natd -interface rl0 -s > ipfw add 999 divert natd all from any to any via rl0 > > I can get on the internet just fine, can ssh to the fBSD from the outside > as well. > Heres the nmap output, > Port State Service > 21/tcp open ftp > 22/tcp open ssh > 25/tcp open smtp > 80/tcp open http > 443/tcp open https > 587/tcp open submission > > I guess i need to open the ports on the firewall....nothing that i tried > worked. > > Any suggestions? > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > [EMAIL PROTECTED]" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
