Stephan Weaver wrote:
Can you give me an example of how this is done? <--- please do not TOP
POST
From: Sarath ER <[EMAIL PROTECTED]>
To: freebsd-questions@freebsd.org
Subject: Re: 2 Nic on same subnet.
Date: Tue, 21 Jun 2005 12:10:33 -0700
Stephan Weaver wrote:
Hello All,
I am trying to place my network behind a firewall [FreeBSD BASED].
What i have Done!
I have 2 Nic in the BSD PC.
vr0, vr1.
Both on the same subnet eg.
vr0 - 192.168.0.1 , vr1 - 192.168.0.2.
I Plug the Ethernet Cable From the DSL modem Into my vr0 interface.
I Plug the Ethernet Cable from the SWITCH into my vr1 interface.
I am running ipnat as follows.
ipnat.rules
----------------
map vr0 192.168.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map vr0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:60000
map vr0 192.168.0.0/24 -> 0.0.0.0/32
-----------
Here are some messages i get from my /var/log/messages.
Jun 20 22:47:36 pizzaboys kernel: arp: 192.168.0.198 is on vr0 but
got reply from 00:08:74:4f:57:c5 on vr1
Thank You, Stephan Weaver
[EMAIL PROTECTED]
You must delete the routes for the network from both interfaces and
add individual host routes to the interfaces. Suppose you have a
cable modem on vr0 add a host route for that Ip and assign it to vr0
interface and add the rest of the hosts in your lan in vr1 interface.
Or you can choose a different network or subnet the same ip block
Cheers,
- Sarath
_______________________________________________
route delete -net yournetworkhere/maskhere <- you might have to do it
twice...
route add -host ipaddressofthelocalinterface -interface vr0
route add -host ipaddressofcablemodemhere -interface vr0
route add -host ipaddressofvr1here -interface vr1
route add -host firsthostinlan -interface vr1
route add -host secondhostinlan -interface vr1
............
I think this would do it...
- Sarath
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"