# Adding a new server



## networklabs (May 24, 2013)

Hi,

I am adding new server to my network.

Public IP = X.X.X.X
Private IP = Y.Y.Y.Y

And it does not work.

Changes I did were:

In rc.conf, I added an alias:

```
ifconfig_em0_alias23="inet X.X.X.X netmask 255.255.255.255"
```

Created a NAT file in /etc/nat/


```
#Host.com 
#interface em0
alias_address X.X.X.X

port 9012
same_ports
dynamic
redirect_address Y.Y.Y.Y X.X.X.X

punch_fw 30000:1000
```

Changes in rc.local, added,


```
/sbin/natd -f /etc/nat/host.com
```

Created rules for NAT & Access in rc.firewall:


```
#Host.com
${fw} divert 9012 ip from any to X.X.X.X
${fw} divert 9012 ip from Y.Y.Y.Y to any

internal="Y.Y.Y.Y"
external="X.X.X.X"

# allow any traffic out
${fw} allow log tcp from $internal to any setup
${fw} allow log tcp from $external to any setup
${fw} allow log udp from $internal to any setup
${fw} allow log udp from $external to any setup

# DNS Queries
${fw} allow log udp from $internal,$external to any 53
${fw} allow log udp any 53 to $internal,$external

# tcp ports
${fw} allow log tcp from any to $internal 80,443,2222,9080,9443 setup
```

Am I doing something wrong or missing anything*?*

I already have eight servers running, this is the new one I am adding.

Thanks.


----------



## networklabs (May 24, 2013)

I think the problem is that I may need to add proxy ARP for this public IP. But when I do it, I get an error:


```
[root@ns1 /etc]# arp -s X.X.X.C (MAC ADDRESS) pub only
set: proxy entry exists for non 802 device
```

Any help?


----------



## ShelLuser (May 24, 2013)

networklabs said:
			
		

> And it does not work.


I hope you do realize that this tells us absolutely nothing. What doesn't work?

_*Edit*_: Before you're going to answer that your server doesn't work let me clarify a little bit: sharing what you tried to solve your problem doesn't tell us anything about what that problem is. For all we know your problem could be accessing the Internet from your new server, or accessing your server from the Internet, etc., etc..

Next it would also help if you'd specify what version of FreeBSD you're using, and what firewall you're trying to set up specifically (FreeBSD has many of them).

For example; on my FreeBSD 9.1 environment I don't have a directory /etc/nat.


----------

