NAT Configuration

[cj]

I have multiple public IP addresses on both inside and outside interfaces. On the inside interface I have several subnets. My goal is to have one public IP address per subnet. For example network 192.168.1.0/24 should NAT the following IP address X.X.X.X, however, network 192.168.2.0/24 should NAT out as Y.Y.Y.Y.


I have two versions of NAT rules currently, (/etc/pf.conf)

nat on $ext_if from $int_if:network:0 to any -> A.B.C.D
nat on $ext_if from 192.168.1.0/24 to any -> E.F.G.H

When I issue the following command:
# pfctl -sn

I get the following output:

nat on bge0 inet from 172.16.0.0/24 to any -> A.B.C.D
nat on bge0 inet from 192.168.1.0/24 to any -> E.F.G.H

It seems that NAT is properly configured but I think I'm missing an important part in either /etc/pf.conf or /etc/rc.conf.

For some reason traffic is not passing and I'm having trouble figuring it out. Has anyone ever setup this type of configuration and got it working?

 

[wblock@]

The first rule looks wrong. Why is it different from the second rule?

 

[cj]

$int_if:network:0

$int_if = macro
network:0 = interface's IP of alias 0

That is not an issue, I will eventually refine the entire conf file to reflect that type of expression.

I don't think I've included enough information to really get help here. But you never know!

 

[cj]

I found the problem. The problem was with my /etc/rc.conf. I had the wrong network address assigned to the interface and alias address mask. Thanks, All.