OS is NetBSD 1.6.  I'm unable to get connections from the outside to the
interior machine.

My exterior IP address on the gateway is 216.162.199.112 on nic ep0, and
I'm trying to redirect connections on port 25 through an interior nic
ex0 at 10.1.1.1 to an interior machine at 10.1.1.2.  Connections are not
succeeding.

My ipnat.conf is this:

# ep0  216.162.199.112  outside interface
# ex0  10.1.1.1         inside interface
#
rdr ep0 216.162.199.112/32 port 25  -> 10.1.1.2 port 25
map ex0 10.0.0.0/8 -> 216.162.199.112/32 portmap tcp/udp 10000:20000
map ex0 10.0.0.0/8 -> 216.162.199.112/32

And running ipnat -l confirms these rules are loaded:

# ipnat -l
List of active MAP/Redirect filters:
rdr ep0 216.162.199.112/32 port 25 -> 10.1.1.2 port 25 tcp
map ex0 10.0.0.0/8 -> 216.162.199.112/32 portmap tcp/udp 10000:20000
map ex0 10.0.0.0/8 -> 216.162.199.112/32

Postfix is running on the interior machine, so there is something
listening on port 25.  The interior machine has 10.1.1.1 listed as its
default route.

When I don't have the above ipnat rules loaded, I can connect from the
gateway machine to the interior machine.  However, when the rules are
loaded, the connection never succeeds and eventually times out.  ipnat
-l indicates that the sessions are active (this shows attempts from both
the gateway and a machine out on the internet to connect):

List of active sessions:
RDR 10.1.1.2        25    <- -> 216.162.199.112 25    [207.202.193.133 63531]
RDR 10.1.1.2        25    <- -> 216.162.199.112 25    [207.202.193.133 63532]
MAP 10.1.1.1        65132 <- -> 216.162.199.112 10001 [10.1.1.2 25]
MAP 10.1.1.1        65133 <- -> 216.162.199.112 10000 [10.1.1.2 25]

My ipf.conf is pretty simplistic at the moment:

pass in quick on lo0 all
pass out quick on lo0 all
block in log quick all with short
block in log quick on ep0 from any to any with ipopts

Ideas?  I'm stumped.  I've had no problem getting ipnat working before,
but this one machine is being difficult.

Thanks...

-mike begley
[EMAIL PROTECTED]

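As an added example (not part of the original post, and not a diagnosis offered by its author), here is a small parser for the `ipnat -l` session lines quoted above. It turns each `MAP`/`RDR` entry into the original and translated endpoints as a packet would see them, and separately lists `MAP` sessions whose peer is itself a private address, i.e. traffic between two interior hosts that has had its source rewritten to the public address. That a session of that shape is worth flagging is this example's own assumption; the session text is copied from the post with the wrapped lines rejoined.

```python
import ipaddress
import re

# Session lines as printed by `ipnat -l` on the gateway in the post
# (copied from the post, wrapped lines rejoined).
SESSIONS = """\
RDR 10.1.1.2        25    <- -> 216.162.199.112 25    [207.202.193.133 63531]
RDR 10.1.1.2        25    <- -> 216.162.199.112 25    [207.202.193.133 63532]
MAP 10.1.1.1        65132 <- -> 216.162.199.112 10001 [10.1.1.2 25]
MAP 10.1.1.1        65133 <- -> 216.162.199.112 10000 [10.1.1.2 25]
"""

# One session line:
#   KIND inside_ip inside_port <- -> outside_ip outside_port [peer_ip peer_port]
SESSION_RE = re.compile(
    r"^(?P<kind>MAP|RDR)\s+(?P<in_ip>\S+)\s+(?P<in_port>\d+)\s+<-\s+->\s+"
    r"(?P<out_ip>\S+)\s+(?P<out_port>\d+)\s+\[(?P<peer_ip>\S+)\s+(?P<peer_port>\d+)\]"
)


def parse_sessions(text):
    """Parse `ipnat -l` session lines into dicts; non-matching lines are skipped."""
    sessions = []
    for line in text.splitlines():
        m = SESSION_RE.match(line.strip())
        if not m:
            continue
        entry = m.groupdict()
        for key in ("in_port", "out_port", "peer_port"):
            entry[key] = int(entry[key])
        sessions.append(entry)
    return sessions


def describe(s):
    """Render a session as the original and translated endpoints a packet sees."""
    if s["kind"] == "MAP":
        # Outbound: inside src:port is rewritten to outside src:port on the way to peer.
        return (f"MAP {s['in_ip']}:{s['in_port']} -> {s['peer_ip']}:{s['peer_port']} "
                f"leaves as {s['out_ip']}:{s['out_port']}")
    # Inbound: peer connected to outside dst:port and is delivered to inside dst:port.
    return (f"RDR {s['peer_ip']}:{s['peer_port']} -> {s['out_ip']}:{s['out_port']} "
            f"delivered to {s['in_ip']}:{s['in_port']}")


def interior_to_interior_maps(sessions):
    """MAP sessions whose peer is a private address (assumption: worth flagging,
    because it means traffic between two interior hosts was source-translated)."""
    return [s for s in sessions
            if s["kind"] == "MAP" and ipaddress.ip_address(s["peer_ip"]).is_private]


if __name__ == "__main__":
    parsed = parse_sessions(SESSIONS)
    for entry in parsed:
        print(describe(entry))
    for entry in interior_to_interior_maps(parsed):
        print("interior-to-interior MAP:", describe(entry))
```

Run it as a script to print one line per session; on the quoted table it reports the two `RDR` entries from 207.202.193.133 and flags both `MAP` entries, since their peer 10.1.1.2 is on the inside.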