Hi, I think your internet gateway doesn't know where is 10.0.0.100. Packets reach Internet GW but can't back. You have two choice:
1)add route 10.0.0.0/24 on Gateway(only reach to GW, not internet ) , or 2)use pf and nat 10.0.0.0/24 on fxp0 like nat on fxp0 from 10.0.0.0/24 to any -> (fxp0) On 6/7/06, Didier Caamaqo <[EMAIL PROTECTED]> wrote:
Nope, I haven't add any nat rules, I just installed the OS, configure the ifaces, enable 'net.inet.ip.forwarding=1' and started to do the test, do I need to ass a nat rule to PF? Didier Caamaqo Director Departamento Informatica Sociedad Comercial Electrocenter Ltda. Correo Electrsnico: [EMAIL PROTECTED] Telifono: 02 - 584 - 7039 > -----Mensaje original----- > De: Huzeyfe Onal [mailto:[EMAIL PROTECTED] > Enviado el: miircoles, 07 de junio de 2006 16:12 > Para: Didier Caamaqo > Asunto: Re: routing problems > > Hi, > > > 10.0.0.100/24 (Host)-------> (xl0)10.0.0.1/24 > <---------------->192.168.0.49/24(fxp0)--------------> > 192.168.0.50(Gateway) > > is your nat rule like this? > > nat on fxp0 from ! xl0 to any -> fxp0 ... > > > On 6/7/06, Didier Caamaqo <[EMAIL PROTECTED]> wrote: > > Gateway has NAT info for 192.168.0.0/24, and the internet is available > from 192.168.0.0/24, but Gateway doesn't have any info about 10.0.0.0/24 > > > > Didier Caamaqo > > > > Director Departamento Informatica > > > > Sociedad Comercial Electrocenter Ltda. > > > > Correo Electrsnico: [EMAIL PROTECTED] > > > > Telifono: 02 - 584 - 7039 > > > > > > > -----Mensaje original----- > > > De: Huzeyfe Onal [mailto:[EMAIL PROTECTED] > > > Enviado el: miircoles, 07 de junio de 2006 16:00 > > > Para: Didier Caamaqo > > > CC: misc@openbsd.org > > > Asunto: Re: routing problems > > > > > > hi, > > > > > > is there any routing on Gateway for 10.0.0.0/24 block? > > > or you can nat outgoing packets from fxp0.. > > > > > > On 6/7/06, Didier Caamaqo <[EMAIL PROTECTED]> wrote: > > > > Greetings: > > > > > > > > > > > > > > > > I have been having this problem while working on an OBSD box I want > to > > > > implement as a firewall. > > > > > > > > > > > > > > > > In short this is what I need: > > > > > > > > > > > > > > > > OBSD Box > > > > > > > > 10.0.0.100/24 -------> 10.0.0.1/24 <----------------> > > > > 192.168.0.49/24--------------> 192.168.0.50 > > > > > > > > > > > > > > > > Host if=xl0 > > > if=fxp0 > > > > Gateway > > > > > > > > > > > > > > > > So far everything is ok and I can ping from host to fxp0 but I > cannot > > > reach > > > > the Gateway from the Host; however I can reach the Gateway and the > > > internet > > > > from fxp0. > > > > > > > > > > > > > > > > PF is enabled but there's not rule set applied yet. I'm sure > there's > > > just a > > > > little step I'm missing, any help or hint will be appreciated, > thanks a > > > lot in > > > > advance. > > > > > > > > > > > > > > > > Didier Caamaqo > > > > > > > > Director Departamento Informatica > > > > > > > > Sociedad Comercial Electrocenter Ltda. > > > > > > > > Correo Electrsnico: [EMAIL PROTECTED] > > > > <mailto:[EMAIL PROTECTED]> > > > > > > > > Telifono: 02 - 584 - 7039 > > > > > > > > > > > > > > > > > -- > > > Huzeyfe VNAL > > > --- > > > Ag Guvenligi Listesine uye oldunuz mu? > > > http://www.huzeyfe.net/netsec.html > > > > > -- > Huzeyfe VNAL > --- > Ag Guvenligi Listesine uye oldunuz mu? > http://www.huzeyfe.net/netsec.html
-- Huzeyfe VNAL --- Ag Guvenligi Listesine uye oldunuz mu? http://www.huzeyfe.net/netsec.html
