I've been using FreeBSD for about seven years now for personal computing. Recently, I was asked to construct a gateway/firewall/network address translation server to serve two networks. Something like this:
Code:
                      rl0
         re0 |      | --> 192.168.0.*
Internet --> |Server|
             |      | --> 192.168.1.*
                      rl1
where re0, rl0, and rl1 stand for network cards, of course. As the system is now configured, all systems on the 192.168.0.* and 192.168.1.* networks are able to operate on the Internet without problems. They are also able to access the server's resources fine through SSH and SCP.
However, the systems on 192.168.0.* are unable to talk to systems on 192.168.1.* and vice versa---the two networks simply do not see each other.
I'm more of a programmer than a network admin, so I'm sure I'm making a n00b mistake. I've looked around online, but not seen anything helpful. Would someone mind pointing me in the right direction to get these two networks talking through the server? Posted below are my /etc/rc.conf and the output of ifconfig---if you need any other information, just let me know; I'll be watching this thread closely. Thank you for your help!
/etc/rc.conf:
Code:
powerd_enable="YES"
ntpdate_enable="YES"
ntpd_enable="YES"
sshd_enable="YES"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
firewall_logging="YES"
natd_enable="YES"
natd_interface="re0"
natd_flags="-redirect_port tcp 192.168.0.2:54095 54095 -redirect_port udp 192.168.0.2:54095 54095"
ifconfig_re0="inet 24.159.87.174 netmask 255.255.255.252"
ifconfig_rl0="inet 192.168.0.1 netmask 255.255.255.0"
ifconfig_rl1="inet 192.168.1.1 netmask 255.255.255.0"
defaultrouter="24.159.87.173"
hostname="www.mywebaddress.org"
apache22_enable="YES"
smartd_enable="YES"
enable_quotas="YES"
check_quotas="YES"
ftpd_enable="YES"
cupsd_enable="YES"
darkstat_enable="YES"
darkstat_interface="re0"
darkstat_flags="-b 192.168.0.1 -p 16500"
hpssd_enable="YES"
devfs_system_ruleset="system"
ifconfig:
Code:
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
        ether 00:1f:d0:66:54:08
        inet 24.159.87.174 netmask 0xfffffffc broadcast 24.159.87.175
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:0a:cd:17:2c:63
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:0a:cd:19:bd:98
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        media: Ethernet autoselect (10baseT/UTP)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000