'Emergency help for ipnat not working with Yahoo messenger'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Emergency help for  ipnat not working with Yahoo messenger
From:       "khodadad Nejadkoorki" <kh_nezhad () irib ! com>
Date:       2003-06-09 7:53:00
[Download RAW message or body]

Dear all
Hi

I use IPNAT fot natting invalid addresses of my test network to a valid address , \
every thing is ok except Yahoo messenger's voice service .

My network topology is as below :

Invalid Network (172.16.8.0/21)    <----------------->   Nat & Filtering machine  \
<--------------->   Internet

My natiing rules are as below :

map fxp1 172.16.8.0/21 -> 0/32 proxy port ftp ftp/tcp
map fxp1 172.16.8.0/21 -> 0/32 proxy port 7070 raudio/tcp
map fxp1 172.16.8.0/21 -> 0/32 portmap tcp/udp 2000:65000
map fxp1 172.16.8.0/21 -> 0/32
 
And also my active filtering rule set is as below :
 
block in quick proto tcp from any to 0.0.0.0/0.0.0.255 port = 80
block in quick proto tcp from 0.0.0.0/0.0.0.255 port = 80 to any
block in quick proto tcp from any port = 80 to 0.0.0.0/0.0.0.255
block in quick proto tcp from 0.0.0.0/0.0.0.255 to any port = 80
#
block in quick proto tcp from any to 0.0.0.0/0.0.0.255 port = 25
block in quick proto tcp from 0.0.0.0/0.0.0.255 port = 25 to any
block in quick proto tcp from any port = 25 to 0.0.0.0/0.0.0.255
block in quick proto tcp from 0.0.0.0/0.0.0.255 to any port = 25
#
pass  in quick on fxp0 from 172.16.8.0/21 to any
pass  in quick on fxp0 from 172.16.3.0/24 to any
block in quick on fxp0 from any to any
block in quick on fxp1 from 172.16.8.0/21 to any
block in quick on fxp1 from 172.16.3.0/24 to any
#
pass in all
pass out all


Please if it is possible, let me know how do I can solve this problem .
Special thanx for you help .

Best hopes
Kh. Nejadkoorki


[Attachment #3 (text/html)]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META content="MSHTML 5.00.2920.0" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Dear all</FONT></DIV>
<DIV><FONT face=Arial size=2>Hi</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>I&nbsp;use IPNAT&nbsp;fot natting invalid addresses 
of my test network to a valid address , every thing is ok except Yahoo 
messenger's voice service .</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>My network topology is as below :</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>Invalid Network (172.16.8.0/21)&nbsp;&nbsp;&nbsp; 
&lt;-----------------&gt;&nbsp;&nbsp;&nbsp;Nat &amp; 
Filtering&nbsp;machine&nbsp; &lt;---------------&gt;&nbsp;&nbsp; 
Internet</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>My natiing rules&nbsp;are as below :</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>map fxp1 172.16.8.0/21 -&gt; 0/32 proxy port ftp 
ftp/tcp<BR>map fxp1 172.16.8.0/21 -&gt; 0/32 proxy port 7070 raudio/tcp<BR>map 
fxp1 172.16.8.0/21 -&gt; 0/32 portmap tcp/udp 2000:65000<BR>map fxp1 
172.16.8.0/21 -&gt; 0/32</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>And also my active filtering rule&nbsp;set&nbsp;is 
as below :</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>block in quick proto tcp from any to 
0.0.0.0/0.0.0.255 port = 80<BR>block in quick proto tcp from 0.0.0.0/0.0.0.255 
port = 80 to any<BR>block in quick proto tcp from any port = 80 to 
0.0.0.0/0.0.0.255<BR>block in quick proto tcp from 0.0.0.0/0.0.0.255 to any port 
= 80<BR>#<BR>block in quick proto tcp from any to 0.0.0.0/0.0.0.255 port = 
25<BR>block in quick proto tcp from 0.0.0.0/0.0.0.255 port = 25 to any<BR>block 
in quick proto tcp from any port = 25 to 0.0.0.0/0.0.0.255<BR>block in quick 
proto tcp from 0.0.0.0/0.0.0.255 to any port = 25<BR>#</FONT></DIV>
<DIV><FONT face=Arial size=2>pass&nbsp; in quick on fxp0 from 172.16.8.0/21 to 
any<BR>pass&nbsp; in quick on fxp0 from 172.16.3.0/24 to any<BR>block in quick 
on fxp0 from any to any<BR>block in quick on fxp1 from 172.16.8.0/21 to 
any<BR>block in quick on fxp1 from 172.16.3.0/24 to any<BR>#<BR>pass in 
all<BR>pass out all<BR></FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>Please if it is possible, let me know how do&nbsp;I 
can solve this problem .</FONT></DIV>
<DIV><FONT face=Arial size=2>Special thanx for you help .</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
<DIV><FONT face=Arial size=2>Best hopes</FONT></DIV>
<DIV><FONT face=Arial size=2>Kh. Nejadkoorki</FONT></DIV>
<DIV><FONT face=Arial size=2>&nbsp;</DIV></FONT></BODY></HTML>


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic