Hi Stefan, As you mentioned that the IP forwarding is already enabled on your system. Have you configured the IP alias on the network interface for the NAT purpose? If the NAT is done on external interface then you'll need to add in the IP alias on /etc/hostname.vic2
Please read the guide from openbsd url below:http://www.openbsd.org/cgi-bin/man.cgi?query=hostname.if&apropos=0&sekt ion=0&manpath=OpenBSD+4.9&arch=i386&format=html Sample of hostname.if config with IP alias: A typical file contains only one line, but more extensive files are possible, for example: inet 10.0.1.12 255.255.255.0 10.0.1.255 media 100baseTX description Uplink inet alias 10.0.1.13 255.255.255.255 10.0.1.13 inet alias 10.0.1.14 255.255.255.255 NONE inet alias 10.0.1.15 255.255.255.255 inet alias 10.0.1.16 0xffffffff # This is an example comment line. inet6 alias fec0::1 64 inet6 alias fec0::2 64 anycast !route add 65.65.65.65 10.0.1.13 up I hope it helps. Regards, Stefan ________________________________ From: Stefan Midjich <sweh...@gmail.com> To: Mark (obsd) <openbsd-l...@nerdish.us> Cc: misc@openbsd.org Sent: Tuesday, October 11, 2011 2:06 AM Subject: Re: Help setting up a PF NAT gateway Yes forwarding is enabled. I have followed the Book of PF 2nd Edition so far. 2011/10/10 Mark (obsd) <openbsd-l...@nerdish.us>: > Hi Stefan, > > On Mon, Oct 10, 2011 at 10:38 AM, Stefan Midjich <sweh...@gmail.com> wrote: >> >> Simplest of things but I'm failing miserably. >> >> ... >> >> With tcpdump I can see packets going to vic3, but no further. >> > > Do you definitely have forwarding enabled? > # sysctl net.inet.ip.forwarding > net.inet.ip.forwarding=1 > It that were 0 instead of 1, you'd get your symptoms. Edit /etc/sysctl.conf > to enable forwarding if you haven't. > Regards, > Mark -- Med vdnliga hdlsningar / With kind regards Stefan Midjich