Re: bimap problem
This is a discussion on Re: bimap problem within the IPFilter forums, part of the System Security and Security Related category; ----- Original Message ----- From: "Jim Sandoz" <sandoz@lucent.com> To: "Kaan G. Celik" <kaan@...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-11-2003
|
|||
|
|||
Re: bimap problem
----- Original Message -----
From: "Jim Sandoz" <sandoz@lucent.com> To: "Kaan G. Celik" <kaan@ballistic.com> Cc: <ipfilter@cairo.anu.edu.au> Sent: Thursday, September 11, 2003 12:09 PM Subject: Re: bimap problem > > kaan, > > maybe i'm missing something here, but... > > you wrote that 209.x.x.2 (fxp0) is the external IP on > your ipf box. yet you then try to bimap 209.x.x.253 > behind the ipf box. there is no reason my the ipf > box would respond to much less forward a packet which > is addressed to 209.x.x.253. however... > > > I also thought about adding 209.x.x.253 to the fxp0 > > interface as an alias. > > and so, of course you need to do exactly that. > > jim > Jim, I used this one-to-one mapping with Cisco before and it was automatically getting that IP itself. So, I thought FreeBSD will dynamically own/reserve that IP and respond to that request. I added the new IP to the box, ifconfig fxp0 inet 209.x.x.253 netmask 255.255.255.255 alias and it still did not seem to work. Maybe I need to restart the machine, since I already played with it a lot since yesterday. I followed Glen's suggestion and made a static route to IPF box from Cisco and it works. Tomorrow, I will put more machines inside and try to assign those IP addresses as alias to the IPF box. Thanks for your help, I was really not clear if I should do it or not, now I know I have to :) Best Wishes, Kaan Jim, I used this one-to-one mapping with Cisco before and it was automatically getting that IP itself. So, I thought FreeBSD will dynamically own/reserve that IP and respond to that request. I added the new IP to the box, ifconfig fxp0 inet 209.x.x.253 netmask 255.255.255.255 alias and it still did not seem to work. Maybe I need to restart the machine, since I already played with it a lot since yesterday. I followed Glen's suggestion and made a static route to IPF box from Cisco and it works. Tomorrow, I will put more machines inside and try to assign those IP addresses as alias to the IPF box. Thanks for your help, I was really not clear if I should do it or not, now I know I have to :) Best Wishes, Kaan --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.515 / Virus Database: 313 - Release Date: 9/1/2003 
|
Linear Mode
