So I have a single BSD firewall using NATD and IPFW. This firewall has 5 static IPs assigned to it.

Using NATD I can easily forward an entire external IP to an internal IP. But when the internal server sends its response, how do I get it to come out of the correct IP? NATD just uses the firewall's default gateway.

NATD will only listen on one interface, so it cannot work in both directions. It will only forward traffic from external IPs to internal IPs. I need to ensure that all outgoing traffic from a specific internal IP address goes out of a specific external IP address.

TriadicTech
  • What makes you think NATD isn't rewriting the outbound traffic? – Jenny D Dec 03 '13 at 09:02
  • It does rewrite outbound traffic, but it rewrites all outbound traffic to the same IP. I need to be able to specify a set of internal IPs to be rewritten to a specific external IP. – TriadicTech Dec 03 '13 at 10:12
  • If it's NATing everything to one outbound IP it's because you've configured it to do so. It's quite configurable. You may want to look at the option `-redirect_address` in the MAN page, which describes using static NAT. – Jenny D Dec 03 '13 at 10:47

1 Answer

As suggested in the comments, I've found that "redirect_address" works both ways.

```
redirect_address private-ip public-ip
redirect_address public-ip private-ip
```

The above configuration forwards the public IP's traffic to your server's private IP, and also forwards its response and other outgoing traffic to the public IP.

TriadicTech
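A fuller layout for the static NAT discussed in this thread, as an added example that is not part of the original question or answer. The interface name `em0`, the ruleset path and every address (private and documentation ranges) are assumptions, and it uses one `redirect_address` line per host in the order the natd(8) man page documents, `localIP publicIP`.

```conf
# ---- /etc/rc.conf (excerpt, constructed example) ----
# The firewall must own each extra public address on the outside
# interface so it answers ARP for it. em0 is an assumed interface name.
ifconfig_em0_alias0="inet 203.0.113.11 netmask 255.255.255.255"
ifconfig_em0_alias1="inet 203.0.113.12 netmask 255.255.255.255"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="/etc/ipfw.rules"     # assumed path to the ruleset file
natd_enable="YES"
natd_interface="em0"
natd_flags="-f /etc/natd.conf"

# ---- /etc/natd.conf (constructed example) ----
# Static NAT, one line per internal host: redirect_address localIP publicIP
# Inbound traffic for the public address is sent to the local host, and
# outbound traffic from that local host is aliased to the same public
# address instead of the interface's primary address.
redirect_address 192.168.0.10 203.0.113.11
redirect_address 192.168.0.11 203.0.113.12
# Internal hosts with no redirect_address line are still aliased to the
# primary address of em0.

# ---- /etc/ipfw.rules (excerpt, constructed example) ----
# Both directions on the outside interface have to pass through natd,
# otherwise only one half of each mapping is rewritten.
add 100 divert natd ip from any to any via em0
# redirect_address maps every port of the public address to the internal
# host. Filtering rules placed after the divert rule see inbound packets
# with the private destination address already in place, so that is
# where to limit what each mapped host exposes.
```

After a reload, `ipfw show 100` should show the divert rule's packet counters increasing for traffic in both directions, and a packet capture on `em0` should show each mapped host leaving with its own public source address.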