# -redirect_address with ipnat?



## nocturnal (Dec 31, 2009)

Summary: I want to redirect ALL traffic, on ALL ports, coming from my internal network interface bge1 with ip block 10.10.10.0 to my external interface bge0 and external ip-address.

Reading 31.9 Network Address Translation in the handbook i see you can use -redirect_address in natd_flags of rc.conf to redirect any packets coming in on an external interface to an internal ip. Static NAT. I am however using ipnat, with an ipnat rules file. 

I want to achieve this but in reverse, i would like packets comming in on one of my internal interfaces to be redirected to the external interface. This is to avoid issues with an application that registers an internal ip-address when i connect to it. 

I figure that if my internal network is being redirected through an external ip, the application will register this external ip-address and work as designed. 

My LAN is on interface bge1 with ip class 10.10.10.0 so i guess i'd use something like this rdr bge1 10.10.10.0/16 -> 83.209.XX.XX tcp. 

But this would omit the port argument, i seem to get errors by doing so. Is there a way to accomplish what i'm trying to do with ipnat?


----------



## nocturnal (Dec 31, 2009)

Hmm, i just discovered map-block when i realized that what i want is basically static NAT using ipnat and not natd. 

So would this do it perhaps? 
	
	



```
map-block bge1 10.10.0.0/16 -> 209.1.2.0/24 ports auto
```

I will try it right now.


----------



## nocturnal (Dec 31, 2009)

Ok, so i just made a map rule instead, but i don't think i can do what i think i can with ipnat. Because it's not working the way i want it to work. 

I'll just leave this here over new years and hope someone with a better understanding of NAT and networking can help me out. 

My home network has a number of clients behind a wlan router. This wlan router has the ip 192.168.55.1 towards the internal LAN but towards the FreeBSD server LAN it has 10.10.10.10. 

The bge1 interface on my FBSD server is internal towards the LAN and has ip 10.10.10.1, it is my gateway. 

Problem here is that i need the wlan router for my clients, so any contact with my gateway server is done from the ip 10.10.10.10. 

This causes issues when i connect to an application hosted on my gateway server because that application sees my client ip-address as 10.10.10.10, this is fine locally but when this application starts talking to outside machines it transmits my ip-address as 10.10.10.10 and this is obviously not good. 

I was trying to solve this somehow but i think the reason i'm so confused is that there is no way to solve it without getting rid of the wlan router. 

So for now i'll just let this rest, unless someone can think of a better solution for me. 

I will be getting another ip-address for my wlan network around february so that will solve the problem once and for all.


----------

