On Sat, 24 Nov 2007, Alaor Barroso de Carvalho Neto wrote:
> 2007/11/24, Ian Smith <[EMAIL PROTECTED]>:
> >
> > No I didn't mean that; use your own favourite packet filter, any of them
> > can handle what you've described. Bill suggested pf - lots of people
> > seem to like it a lot - and I u
On Sat, 24 Nov 2007 13:41:51 -0200
"Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> 2007/11/24, Ian Smith <[EMAIL PROTECTED]>:
> >
> > No I didn't mean that; use your own favourite packet filter, any of
> > them can handle what you've described. Bill suggested pf - lots of
> > people
2007/11/24, Ian Smith <[EMAIL PROTECTED]>:
>
> No I didn't mean that; use your own favourite packet filter, any of them
> can handle what you've described. Bill suggested pf - lots of people
> seem to like it a lot - and I use ipfw because I (mostly) know how to.
I always had linux servers, so I
On Sat, 24 Nov 2007, Alaor Barroso de Carvalho Neto wrote:
> 2007/11/24, Ian Smith <[EMAIL PROTECTED]>:
> >
> > ipfw works fine too for these sorts of network policy separation :)
>
>
> So ipfilter is not recommended by you guyz?
No I didn't mean that; use your own favourite packet filter,
2007/11/24, Ian Smith <[EMAIL PROTECTED]>:
>
> ipfw works fine too for these sorts of network policy separation :)
So ipfilter is not recommended by you guyz?
If that wasn't a typo, this is a non-contiguous netmask. I suspect you
> want 255.255.255.224, assuming the default router is in the sam
On Fri, 23 Nov 2007 12:33:26 -0200
"Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> 2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
> >
> > "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
[..]
> > > > > em0 external world XXX.XXX.XXX.XXX
> > > > > rl0 adm 192.168.1.80
2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
>
> > I'm going to the server room to test the command. And yes, the DNS is
> > working properly. I just came from the room and I did the command dig @
> > 192.168.1.1 google.ca and it said no server reached, then I did dig @
> > 127.0.0.1 google.ca and i
"Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
>
> >
> > First off, what's the output of "sysctl net.inet.ip.forwarding"? If
> > it is 0, then reboot and see if it starts working.
>
> The return was: net.inet.ip.forwarding 1
OK. That's not the problem then ... did you disable ipfil
>
> First off, what's the output of "sysctl net.inet.ip.forwarding"? If
> it is 0, then reboot and see if it starts working.
The return was: net.inet.ip.forwarding 1
Routed is running, named is running, the server itself can ping to any
network, I don't know what else to test.
__
>
> By ping, mean ping. I don't know what "have access" means, but I know
> what
> "ping" means.
Well I say have access because the icpm would be blocked, but I would still
have communicationwith the network even if I didn't ping. But yeah, for
meright now ping and have access is the same once t
2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
>
> "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> >
> > 2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
> > >
> > > "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> > >
> > > > Yes, I have IPFIlTER installed, but if I would want t
"Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
>
> 2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
> >
> > "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> >
> > > Yes, I have IPFIlTER installed, but if I would want to everybody ping to
> > > everybody and then block the thing
2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
>
> "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> >
> > 2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
> > >
> > > "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> > > >
> > > > OK guyz, I did some tests and I found the error, li
"Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
>
> 2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
> >
> > "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> > >
> > > OK guyz, I did some tests and I found the error, like you said, it's a
> > > config problem with the routes, I
"Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
>
> OK guyz, I did some tests and I found the error, like you said, it's a
> config problem with the routes, I thought the routed daemon would care of it
> for me but it seems like it don't. Please I ask you to forget the scenario I
> said
2007/11/23, Bill Moran <[EMAIL PROTECTED]>:
>
> "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]> wrote:
> >
> > OK guyz, I did some tests and I found the error, like you said, it's a
> > config problem with the routes, I thought the routed daemon would care
> of it
> > for me but it seems like
OK guyz, I did some tests and I found the error, like you said, it's a
config problem with the routes, I thought the routed daemon would care of it
for me but it seems like it don't. Please I ask you to forget the scenario I
said before, now what i have is:
The dns server is now with the IP 192.16
Alaor Barroso de Carvalho Neto wrote:
> Sorry,
> searchdomain ...
> nameserver 192.168.1.2
>
> not 192.168.1.1 as I've said before.
What about:
# dig @192.168.1.2 google.ca
Also, I don't know if it has any impact, but my resolv.conf shows just
'search mydomain.com' as opposed t
The nameserver is the 192.168.1.2 in the resolv.conf, sorry my fault. I'm
gonna copy the rc.conf and paste here. But the routes are OK and still OK
for any time when the machine is not the main gateway and have some few
clients using it as gateway, if it was a config problem it wouldn't work
never,
In response to "Alaor Barroso de Carvalho Neto" <[EMAIL PROTECTED]>:
> Sorry my english skills, I'm brazilian and I'm not very familiar with the
> language, but I'm gonna try to explain it clearly:
>
> LINUX SERVER
> private network 192.168.1.1
> external network x.x.x.x
>
> FREEBSD SERVER
> pri
Sorry,
searchdomain ...
nameserver 192.168.1.2
not 192.168.1.1 as I've said before.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTE
Sorry my english skills, I'm brazilian and I'm not very familiar with the
language, but I'm gonna try to explain it clearly:
LINUX SERVER
private network 192.168.1.1
external network x.x.x.x
FREEBSD SERVER
private network 192.168.1.240
external network x.x.x.x
DNS SERVER
private network 192.168.
Alaor Barroso de Carvalho Neto wrote:
> If I turn off linux and set the rl0 to 192.168.1.1 it
> stop resolving names but can ping to anywhere. Help!!!
> in the rc.conf
> gateway_enable="YES"
> defaultrouter="X.X.X.X"
I don't know if I quite understand on which machine things are breaking,
but if i
On Thu, Feb 08, 2007 at 12:10:07PM +0200, George Vanev wrote:
> I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
> The first IP is to access internet, the second
> is for the ISP's LAN.
> Unfortunately I have internet, but no access to
> the other network.
We need network IP configuration details; ie
Nothing? You're able to arp 192.168.64.1 and 192.168.64.3, can you ping
them?
Since you have an RFC-1918 address on both the inside and the outside, I
assume you're running nat on this machine to translate internal machine
traffic. It looks like you have all the routes you need, so my _guess_
In response to "George Vanev" <[EMAIL PROTECTED]>:
> On 2/8/07, Bill Moran <[EMAIL PROTECTED]> wrote:
> >
> > In response to "George Vanev" <[EMAIL PROTECTED]>:
> >
> > > I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
> > > The first IP is to access internet, the second
> > > is for the ISP's LAN.
>
On 2/8/07, Bill Moran <[EMAIL PROTECTED]> wrote:
In response to "George Vanev" <[EMAIL PROTECTED]>:
> I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
> The first IP is to access internet, the second
> is for the ISP's LAN.
> Unfortunately I have internet, but no access to
> the other network.
>
>
In response to "George Vanev" <[EMAIL PROTECTED]>:
> I have FreeBSD 6.2 box with 1 NIC and 2 IPs.
> The first IP is to access internet, the second
> is for the ISP's LAN.
> Unfortunately I have internet, but no access to
> the other network.
>
> I made a test. I assigned to the NIC only the local
In answer to my own question. When I disable the firewall on the server
the routing issue is instantly resolved. However for 90% of the time
the firewall runs without any apparent problems... I will start a new
thread of conversation and ask my now firewall related problem. Sorry
for my apparent
Gustafson, Tim wrote:
I know it "can" be done. I have a feeling that the FreeBSD TCP
stack lacks the capability.
If you are looking for multiple routes to the same destination, you are
correct. I believe that if you see the thread on net@ from 03/01/04
with the subject "My planned work on net
Sent: Wednesday, February 02, 2005 5:02 AM
Subject: RE: Routing Problem
Thomas (and John too),
Let me clarify a little bit.
What I have is this:
A single FreeBSD web server with a single NIC in it
Two T1 routers, each with a different subnet.
My FreeBSD box has two IP addresses assigned to it,
Inc
[EMAIL PROTECTED]
(516) 379-0001 Office
(516) 480-1870 Mobile/Emergencies
(516) 908-4185 Fax
http://www.meitech.com/
-Original Message-
From: Thomas Foster [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 02, 2005 7:57 AM
To: Gustafson, Tim
Cc: [EMAIL PROTECTED]
Subject: Re: Routing Pr
case? I guess I am not fully understanding your
configuration ...
T.
- Original Message -
From: "Gustafson, Tim" <[EMAIL PROTECTED]>
To: "Thomas Foster" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, February 02, 2005 4:06 AM
Subject
Cc: [EMAIL PROTECTED]
Subject: Re: Routing Problem
Im confused.. if you have two T1s, then are using /30s dor the ranges?
If
so.. what about not giving a default gateway for either one and just add
routes...
Are you attempting utilize this as just a router.?
Theres a section that covers setting
Im confused.. if you have two T1s, then are using /30s dor the ranges? If
so.. what about not giving a default gateway for either one and just add
routes...
Are you attempting utilize this as just a router.?
Theres a section that covers setting up routing on interfaces in the
handbook:
http:/
You should add on your router the following routes
192.168.1.0/24
192.168.2.0/24
with gateway 192.168.0.2 (interface firewall)
Your router doesn't know where to return the packets to.
And your firewall needs to route 0.0.0.0 to 192.168.0.1 (router interface)
Your CIDR is good.
These changes sh
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
Essentially, once the gif tunnel has been established you just need to
add an additional route for the specific gif interface from each server
to the other's remote subnet using the external IP of the remote subnet
as the gatew
- Original Message -
From: "James P. Howard, II" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 29, 2004 2:57 PM
Subject: Routing problem in IPv4/IPSec VPN environment
> As a personal favor, I am building a VPN for a small business. I
> have chosen FreeBSD for this d
From which interface? Try these:
ping google.com
(that will ping using the external interface)
ping -S 10.0.0.1 google.com
(that will ping using the internal interface)
If one works, but not the other, post your firewall
rules and natd command line.
Hello,
The FreeBSD machine is simply passing
you.
--
Best Regards,
Joshua Lokken
From: Clayton F <[EMAIL PROTECTED]>
To: "joshua lokken" <[EMAIL PROTECTED]>
CC: [EMAIL PROTECTED]
Subject: Re: Routing problem
Date: Mon, 8 Dec 2003 12:52:47 -0800
This setup appears a little confusing. Does your ISP give you a sta
This setup appears a little confusing. Does your ISP give you a static
or dynamic IP address to the internet? It would also help to see the
interface configuration info in your rc.conf file.
generally speaking, your external interface should have the ip address
assigned by your isp, not a priv
> LAN clients can access boh gateway interfaces by hostname and IP. Clients
> are
> setup to use 192.168.1.2 for DNS, and 192.168.1.2 uses 192.168.1.1 for DNS.
> I cannot get any traffic to reach (let alone pass) the DSL modem from the
> clients.
>
> I have tried this with the FreeBSD gateway,
HI and thanks,
Cool! I am OK with the fbsd stuff ipfilter ipnat etc. I garee it is nice.
The small matter of the cisco thing...hmmm!
OK...so would it be ok to ask another question or 2 later if today is bad?
I need to know how to "bridge" the /29 on the cisco.
does it mean I simply install static r
[EMAIL PROTECTED] wrote:
I have a friend with a cisco 827 adsl router. It has config hassles but
when that is sorted, we need to setup a freebsd box inside the cisco
router to handle a /29 block of ips. 3 questions...
I'm running an identical setup here - a Cisco 827, a /29, and a FreeBSD
machine
> SB > actually resolved the issue. If you could post your fix, it would be
==> SB > appreciated.
==> SB >
==> SB > Tks.
==> SB >
==> SB > Steve
==> SB >
==> Sorry, will offcourse do.
==> I just removed the line and the problem was gone.
==> -
gt; appreciated.
SB >
SB > Tks.
SB >
SB > Steve
SB >
Sorry, will offcourse do.
I just removed the line and the problem was gone.
Subject: Re: Re: Routing problem ?
Date: Thursday 20 March 2003 21.37
From: Joshua Lokken <[EMAIL PROTECTED]>
To: Hasse <
> Thx everybody.
> Problem solved.
> /Hasse.
It would be nice for the people who followed your thread to know what
actually resolved the issue. If you could post your fix, it would be
appreciated.
Tks.
Steve
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-questi
Thx everybody.
Problem solved.
/Hasse.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
On Thursday 20 March 2003 17.54, Steve Bertrand wrote:
SB > > Hi everybody.
SB > > I have small network at home with two machines connected to the net
SB > > via ADSL. That means Dynamic IP, though not changing very often.
SB > > -
SB > > "odin.swedehost.com" running FreeBSD 4.8-RC #0 S
> Hi everybody.
> I have small network at home with two machines connected to the net
> via ADSL. That means Dynamic IP, though not changing very often.
> -
> "odin.swedehost.com" running FreeBSD 4.8-RC #0 Sun Mar 16 2003
> Two NICs. xl0 " DHCP " and "NAT-interface", acting as a gateway
On Fri, Feb 21, 2003 at 09:24:44PM +0200, molotov wrote:
> I have a little problem with my home network. I had a Linux router
> before and now I have FreeBSD set up and running on the same box.
> The problem is, that I don't know what manual could speak about
> that kind of routing: there are thre
twig les wrote:
Hey all, I have a 4.7 release box that needs to cvsup
its ports. The problem is that this box never sees
the outside world normally; it does IDS on an IP-less
interface and of course has a backnet interface. So
basically I added a temporary IP address to this box,
edited my /etc/
> today i tried to setup 4.7 gateway. It hastwo NICs (rl0 and rl1) on
> different subnets (rl0 = 192.168.0.66, rl1 = 192.168.1.2). The rl0 is
> connected to a cable-modem and gets an other IP (213.209.66.214) after
> booting.
>
> After playing with routes, i can ping outside, can ping rl0 and rl1 a
53 matches
Mail list logo
