routing problem

neo_leopard

Member


Messages: 41

help need help. before rebooting i allready succes conecting my router to my nat and my client. but now :r.

my lan map is

Code:
################
#  Proxy Squid #
#  FreeBSD     #
################
192.168.100.102/30
       |
      \|/
192.168.100.100/30
###############
# MikroTik    #--> internet(10.20.0.10/28)
# router      #
############### 
192.168.1.254/24
     |
    \|/
192.168.1.0/24
###############
#  client     #
###############
i configured for my proxy squid. from my router to my freebsd box it connect. flawlesly. but there is a big problem conecting from client to my freebsd box.

in /etc/ipnat.rules i write

Code:
rdr vlan0 192.168.100/30 port 80 -> 127.0.0.1 port 3128 tcp
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,761
Messages: 30,885

Why? Just configure the client to use the 192.168.100.x address as a proxy. Let Squid run on that address. No need to redirect, no need for NAT at all.
 
OP
OP
N

neo_leopard

Member


Messages: 41

before rebooting i can connect to to my freebsd box using putty. now i can't connect from client to my freebsd box using putty.
 

Alt

Aspiring Daemon

Reaction score: 82
Messages: 726

Freebsd have default gw to internet connection? You need a static route for 192.168.1.0/24 then... Do you configured it? Show configs, not enough info..
When you try yahoo you try it from client mashine? do traceroute -nI 1.1.1.1
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,761
Messages: 30,885

Configure the client (Firefox i.e.) to use 192.168.100.102 port 3189 as the proxy address.

Don't use NAT or redirect, it's not needed.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,761
Messages: 30,885

Alt said:
Freebsd have default gw to internet connection? You need a static route for 192.168.1.0/24 then...
No, all you need is a default gateway to 192.168.100.101. The MicroTik router will take care of the routing to 192.168.1.0/24.
 

Alt

Aspiring Daemon

Reaction score: 82
Messages: 726

Ah, dont noticed where is internet connection =)

I think maybe he wants to redirect to force users using proxy..
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,761
Messages: 30,885

Alt said:
I think maybe he wants to redirect to force users using proxy..
Probably, but that needs to be done on the MicroTik anyway.
 
OP
OP
N

neo_leopard

Member


Messages: 41

i allready connect mikrotik to freebsd box. and its allready connect. but client and proxy still canont conected.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,761
Messages: 30,885

Try taking it step by step, you need to tackle the problem logically. Forget about name resolving for a minute, you need to get the IP routing correctly first.

From a client try:

Ping the default gateway:
ping 192.168.1.254

Ping the FreeBSD Squid box:
ping 192.168.100.102

Does that work?
 
OP
OP
N

neo_leopard

Member


Messages: 41

is it posible because the mac addres change on vlan0. because it mac address vlan its always change everytime its reboot. is it possible to make the vlan mac addres static.
 
OP
OP
N

neo_leopard

Member


Messages: 41

i think its not because of mac address. my mistake mac addres doesnt cahange. :r
Code:
#SERVICE SETTING
sshd_enabled="YES"
sendmail_enable="NONE"
squid_enabled="YES"

#FIREWALL SETTING
pfilter_enable="YES"
ipnat_enable="YES"
ipmon_enable="YES"
ipfs_enable="YES"

#NETWORK SETTING
cloned_interfaces="vlan0"
#network_interfaces="lo0 vlan0"
ifconfig_vlan0="inet 192.168.100.102 netmask 255.255.255.252 vlan 20 vlandev em0" 
#start it explicitly:
ifconfig_xl0="up"
defaultrouter="192.168.100.101"
 

Alt

Aspiring Daemon

Reaction score: 82
Messages: 726

Code:
ifconfig_vlan0="inet 192.168.100.102 netmask 255.255.255.252 vlan 20 vlandev [B]em0[/B]" 
#start it explicitly:
ifconfig_[B]xl0[/B]="up"

Maybe here is mistake? If not we need mikrotik's config also :)
p.s. On your netmap default gw must be 192.168.100.100/30 isnt?
 

Const

Member


Messages: 35

SirDice said:
Try taking it step by step, you need to tackle the problem logically. Forget about name resolving for a minute, you need to get the IP routing correctly first.

From a client try:

Ping the default gateway:
ping 192.168.1.254

Ping the FreeBSD Squid box:
ping 192.168.100.102

Does that work?
Try to do this and post what is accessible and what is not from your client machine. Does firewall set up on FreeBSD box?
 
Top