On Wednesday, August 15, 2007 at 18:50:26 +0300, Lars Noodin wrote: >Maurice Janssen wrote: >> The two most obvious things to look at: >> - enable IP-forwarding on the fw/router > >That was mentioned in one of the first steps of the guides or howtos as >being taken care of in /etc/sysctl.conf. Here's an except from mine: > > # grep forw /etc/sysctl.conf > > net.inet.ip.forwarding=1 > net.inet.ip.mforwarding=1 > net.inet6.ip6.forwarding=1 > net.inet6.ip6.mforwarding=1
I suppose 'sysctl net.inet.ip.forwarding' shows that's it is really enabled (changing this file only isn't enough, but you probably know that already). >> - setup B as default gateway on all hosts in A > >OK. DHCP should be doing that, but manually setting the network >configuration for hosts in A doesn't have any (noticeable) effect. > >Here are the currently loaded nat + filter rules: > > # pfctl -s nat > > nat on em0 inet from 192.168.222.0/24 to any -> (em0:0) > > # pfctl -s rules > scrub in on em0 all fragment reassemble > pass all flags S/SA keep state Looks OK to me. You could try tcpdump on the internal and external interface to try to find out where the packets get lost. Maurice
