Adam Getchell <[EMAIL PROTECTED]> writes: > Hello all, > > I'm using OpenBSD 3.1-stable to provide NAT via pfctl and /etc/nat.conf. In > addition, there are a number of hosts that I want to provide 1-to-1 IP > address translation for things like WINS, registered IP addresses, etc. > > Thanks to previous suggestions, simple NAT works fine by setting the > client(s) gateway address to the private interface on the firewall and using > the following rule: > > nat on $ext_if from $private_ip_range to any -> $NAT_public_ip > > However, when I add this binat rule to get 1-to-1 translation from > $bdc_private_ip to $bdc_public_ip: > > binat on $ext_if from $bdc_private_ip to any -> $bdc_public_ip > > This client (an NT4 BDC/WINS/DHCP server) loses network connectivity > outside. Even browsing without DNS (the errors below show DNS queries > failing).
did you setup an ip alias on the external interface of your firewall ? man hostname.if [...] -- Lo�c
