Hello all, I am configuring ipfilters to work on a Solaris 8 box, and am having some problems. When I attempt to connect to servers on the outside (real IPs), I get no response back.
My layout looks like this: Host (Win 98)[10.1.0.0/16] -------[(qfe0) 10.1.0.0/16]Solaris8.domain.edu [(eri0) Real IP/24]----------[Real-IP/24]Server.domain.edu I have access to a server that is on the "outside", and it is receiving SYN packets from my Win 98 Host via the Solaris box, and is ignoring them (The tcpdump from Server follows): 10:42:04.786142 Solaris8.domain.edu.3500 > Server.domain.edu.telnet: S 2546065:2546065(0) win 8192 <mss 1460,nop,nop,sackOK> (DF) 10:42:07.736340 Solaris8.domain.edu.3500 > Server.domain.edu.telnet: S 2546065:2546065(0) win 8192 <mss 1460,nop,nop,sackOK> (DF) 10:42:13.734910 Solaris8.domain.edu.3500 > Server.domain.edu.telnet: S 2546065:2546065(0) win 8192 <mss 1460,nop,nop,sackOK> (DF) 10:42:25.731966 Solaris8.domain.edu.3500 > Server.domain.edu.telnet: S 2546065:2546065(0) win 8192 <mss 1460,nop,nop,sackOK> (DF) My ipnat file looks like this (Note our network admin has ports 5000 and above blocked from eri0's home, hence 3500:4999): map eri0 10.1.0.0/16 -> (eri0's IP)/32 portmap tcp/udp 3500:4999 map eri0 10.1.0.0/16 -> (eri0's IP)/32 I have sucessfully telneted to "Server" from "Solaris8", and I have nmapped "Server", and see telnet in an open state from "Solaris8's" perspective. I am really very mystified by this. Can any of you wise NAT folk lend me a clue? Thanks! Brett
