Re: how do i NAT a legacy network ?
Brian May wrote:
>
> I will assume you have (not sure from your description).
>
> [ host ] <----> [ router] <----> [ NAT ]???
Yes, and then from the NAT to the Internet.
> I am afraid I have no idea why it won't work. Can you provide more
> details as to what you mean "it didn't work properly?" Also, how have
> you configured your NAT (ipmasq)?
It didn't work properly such as in: couldn't ping to the Net from my
computer (the [host] in the picture above).
I configured the NAT using ipfwadm, the output of ipfwadm -F -l:
bdg-gw:~# ipfwadm -F -l
IP firewall forward rules, default policy: deny
type  prot source       destination  ports
acc/m all  localnet/24  anywhere     n/a
acc   tcp  localnet/24  anywhere     www -> 1024:65535
This works for any hosts that are connected directly to the NAT server,
but not the ones that are behind a router.
> Tools I would use to debug such a problem:
>
> tcpdump
> netstat
> ipchains -L -M (for linux 2.2.x - run on NAT machine).
OK, I'll try them.
I'm using ipfwadm to set the forwarding rules. The tool I have used is
just ping.
BTW, what is ipchains? Is that the equivalent of ipfwadm?
I'm afraid I'm not in the "right" mailing list, because actually I'm
using Slackware Linux. But since it basically is also Linux, I think it
would be all right. I'd also like to know the differences between the
two.
I suspect that the problem lies in the setting of the gateways on my
machine (which happens to be a Windows NT; which forces you to reboot if
you change even a bit of the network settings). How do you set the
gateways? Put both router's & nat's IPs in as the gateways?
Oki
--
Without the kernel, your system would stop.
http://www.cnet.com/Resources/Info/Glossary/Terms/kernel.html