# NAT configuration



## MrBadGuy (Dec 13, 2013)

I have to configure _a_ NAT server as shown in the image.







When traffic from the internal network is passing through the NAT server the source address must be replaced with the address 10.18.51.Z. TCP connections that are opened for a 10.18.51.Z address on ports for which I want to redirect, should be transferred to the node 192.168.1.X where X is the number of the machine acting as the internal network node and Y is the  number of the machine acting as the external network node. Ports for which I want to perform redirection are 23 and 53. Addresses from the Internal network that must be redirected are all addresses from the network 192.168.1.0/26 except for TCP connections on port 80.

I'm using ipfw plus natd for this. Here's my configuration.

File /etc/rc.conf:

```
ifconfig_em0="inet 192.168.1.4/24"
ifconfig_eml="inet 10.18.51.4/24"
gateway_enable="YES" 
natd_enable="YES"
natd_interface="em1"
natd_flags="-f /etc/natd.conf"
firewall_enable="YES"
firewall_script="/etc/ipfw.rules"
```
File /etc/ipfw.rules:

```
#!/bin/sh 
ipfw -q flush
cmd="ipfw -a add "
$cmd 00240 allow all from any to any
$cmd 00250 divert natd all from any to any via em1
```
File /etc/natd.conf

```
redirect_address 192.168.1.132 0.0.0.0
redirect_port tcp 192.168.1.132:23 23
redirect_port tcp 192.168.1.132:53 53
```

192.168.1.132 - machine from the internal network.

How can I find out whether NAT works correctly?


----------



## estrabd (Jan 31, 2014)

If from the internal (192.168.1.x) machine you ping an external server (www.google.com e.g.) and you get a response back, then it should be working.


----------

