Re: need help pls asap
From: Clifton Royston (cliftonr_at_tikitechnologies.com)
Date: 04/23/05
- Previous message: Lei Sun: "Re: struggling with ports, packages, cvsup"
- In reply to: angelito munez: "need help pls asap"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 23 Apr 2005 08:29:17 -1000 To: angelito munez <angelo_2871@yahoo.com>
On Sat, Apr 23, 2005 at 06:12:39AM -0700, angelito munez wrote:
> hi guys.. ok.. this is actually the problem.. the isp give us a
> public ip.. then it was assigned to the ADSL router.. then at the
> router, DCHP is enabled... so this means that my freebsd box is
> inside a private network with ip 172.16.16.2.. router has the private
> ip 172.16.16.1.. the router itself is doing a NAT because it has a
> real ip of 62.215.85.228... now what i want to do is to make another
> private network with the freebsd as their gateway so that i can make
> some rules for this network.. and this should also act as their
> firewall.. now i have already configured the 2 network interfaces
> which is vr1 (172.16.16.2 -> for the router's network) and vr0
> (192.168.0.1 -> for another private network)...
...
> the problem is i
> have one host in my private network having an ip of 192.168.0.2 and i
> can't ping this host.. what is the problem? i dont have any firewall
> rules to
...
> Routing tables
> Internet:
> Destination Gateway Flags Refs Use Netif Expire
> default 172.16.16.1 UGSc 1 90 vr1
> 127.0.0.1 127.0.0.1 UH 0 49 lo0
> 172.16.16/24 link#2 UC 2 0 vr1
> 172.16.16.1 00:0f:3d:87:9c:51 UHLW 1 12 vr1 1200
> 172.16.16.4 00:0b:db:95:89:a0 UHLW 1 1912 vr1 1081
> 192.168.0 link#1 UC 2 0 vr0
> 192.168.0.1 00:11:95:90:c6:b6 UHLW 0 18 lo0
> 192.168.0.2 00:11:5b:2b:24:20 UHLW 0 0 vr0 1188
> can you help me with this problem?
Looks to me like you have the "DMZ" network (172.16.16.0/24) configured
correctly on this machine, but the extra-private network (192.168.0/24)
is misconfigured on this machine.
To start with, you need to get it to where you can ping each machine
from this one, so you're going in the right direction.
Try using ifconfig to delete the current config for 192.168.0, then
simply ifconfig 192.168.0.1 onto vr0; that should get you to where you
can talk onto both networks from this machine.
Once that's working, then you can try adding NAT to route from the
extra-private network onto the DMZ; when you get that working, it
should work end-to-end. (Except for protocols like FTP which require
NAT proxies; that may get complicated what with needing to go through
2 in succession.)
-- Clifton
--
Clifton Royston -- cliftonr@tikitechnologies.com
Tiki Technologies Lead Programmer/Software Architect
"I'm gonna tell my son to grow up pretty as the grass is green
And whip-smart as the English Channel's wide..."
-- 'Whip-Smart', Liz Phair
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Lei Sun: "Re: struggling with ports, packages, cvsup"
- In reply to: angelito munez: "need help pls asap"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
