Greetings,
we're still grieving over a UltraSparc II Enterprise E3500 machine.
We managed to setup a working OpenSolaris, and now we'd like to set it up in
order to work as a router.
Yes, I did check the online manuals.
Yes, I did found Rich Teer's guides (btw: should be updated, now there's no
need for the pfil)
Yes, I did check IP Filter howto.
We have two network interfaces, hme0 and hme1.
* hme0 has a public ip, let's say 1.2.3.4/24, router 1.2.3.45
* hme1 has a private ip, let's say 10.0.0.1/25
* We have other computers in the 10.0.0.0/25 network, defined from now on as
"client"
We managed to configure it as a router, but it's dropping too many packets.
To be clear:
1) I can surf the web from the E3500 machine
2) I can connect to the E3500 from a client, using vnc/ssh without troubles
3) If I set up the E3500 as the gateway for a client, surfing the web from that
client is almost impossible. I can see the nats being created on the E3500 for
my client requests, but packets get lost somewhere.
What we did to set up the E3500 is:
1) enable ipv4-forwarding
2) create a full permissive ipf.conf:
pass in all
pass out all
(that's because we'll deal with firewalling later)
3) create a ipnat.conf as follows:
map hme0 10.0.0.0/25 -> 0/32 proxy port ftp ftp/tcp
map hme0 10.0.0.0/25 -> 0/32 portmap tcp/udp auto
map hme0 10.0.0.0/25 -> 0/32
Hence... any idea?
This message posted from opensolaris.org
_______________________________________________
opensolaris-help mailing list
[email protected]
