'Re: IPNAT DOESN't WORK, please help ! (fwd)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: IPNAT DOESN't WORK, please help ! (fwd)
From:       "Stephan B. Doliov" <doliov () statsol ! com>
Date:       1997-04-18 20:22:01
[Download RAW message or body]



---------- Forwarded message ----------
Date: Fri, 18 Apr 1997 13:08:03 -0700 (PDT)
From: "Stephan B. Doliov" <doliov@statsol.com>
To: Kenneth Stailey <kstailey@disclosure.com>
Subject: Re: IPNAT DOESN't WORK, please help !

On Fri, 18 Apr 1997, Kenneth Stailey wrote:

> kstailey@cvs(1)$ traceroute 208.147.44.101
> traceroute to 208.147.44.101 (208.147.44.101), 30 hops max, 40 byte packets
  <SNIP hops>
> 13  hydra.wco.com (208.147.44.50)  93.409 ms  89.358 ms  95.665 ms
> 14  hydra101.wco.com (208.147.44.101)  260.425 ms  287.645 ms *
> 
> oh, I see that works OK.
> 
> Does your kernel forward packets?  If it's a 4.4BSD-derived system was
> "options GATEWAY" in the kernel config file?  Is ipforwarding enabled:

my kernel forwards packets now, as i set this parameter (on solaris 2.5
x86, this is ndd -set /dev/ip ip_forwarding 1
and the queried value is retrieved with ndd /dev/ip ip_forwarding, which
confirms that it is now set to 1.

this improved things even more (i am now at a different ip address).  i
got
12:59:24.30414 hydra62.wco.com -> shell.wco.com ETHER Type=0800 (IP), size
= 58 bytes
12:59:24.30414 hydra62.wco.com -> shell.wco.com IP  D=199.4.94.16
S=208.147.44.62 LEN=44, ID=23
12:59:24.30414 hydra62.wco.com -> shell.wco.com TCP D=23 S=10000 Syn
Win=512
12:59:24.30414 hydra62.wco.com -> shell.wco.com TELNET C port=10000 
________________________________
12:59:24.34584 hydra62.wco.com -> shell.wco.com ETHER Type=0800 (IP), size
= 58 bytes
12:59:24.34584 hydra62.wco.com -> shell.wco.com IP  D=199.4.94.16
S=208.147.44.62 LEN=44, ID=24
12:59:24.34584 hydra62.wco.com -> shell.wco.com TCP D=23 S=10000 Syn
Win=512
12:59:24.34584 hydra62.wco.com -> shell.wco.com TELNET C port=10000 
________________________________
12:59:24.71755 shell.wco.com -> hydra62.wco.com ETHER Type=0800 (IP), size
= 63 bytes
12:59:24.71755 shell.wco.com -> hydra62.wco.com IP  D=208.147.44.62
S=199.4.94.16 LEN=49, ID=19157
12:59:24.71755 shell.wco.com -> hydra62.wco.com TCP D=32803 S=23
Ack=339619514 Seq=1664761656 Len=9 Win=8576
12:59:24.71755 shell.wco.com -> hydra62.wco.com TELNET R port=32803
\33[1;7m\33[m
________________________________

an honest to goodness ACK but the telnet clinet on the windows box which
is on my lan still says unable to connect to host.  do you have any ideas
of what is happening.

map now is

List of active MAP/Redirect filters:
map ipdptp0 192.168.1.0/24  -> 208.147.44.62/32  portmap tcp 10000:20000

List of active sessions:
MAP 192.168.1.2     1330  <- -> 208.147.44.62   10001 [199.4.94.16 23] 117
0 382b 3b27

and an active session is shown.  HMMM!  any further suggestions will be
appreciated.  iguana pings statsol2 just fine and vice versa.

btw: i also tried the map ipdptp0 mynet/24 -> 0/32 portmap tcp 10000:20000
but that did not work.  i think we are very close now.

talk to you soon,
steve



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic