Thread: pf.conf and nat
latux, 8th December 2012

Hello J65nko,
thanks a lot for your explanations.
Your network plan is great, but I have another constellation:

                  +-------------------------+                |
                  |                         |  --|-Monitoring (intra_if)   |               (gw)
                  |                         |                | --|-FTP-Server (extra_if)   |--|
                  |                         |  (clients - mgt_if) --|-FTP-Clients (sto_if)    |  (.11/.12/.21/.31)
                  |                         |
The clients (on are communicating over a VPN with the World.
They are connected on the OBSD-FW (mgt_if) to be able to communicate with other FTP-Clients (sto_if) and servers (extra_if), which are located on the Internet. This is the reason why I have this FW in between.
The machine on intra_if will do monitoring of all hosts.
On the FW, I have rules to grant communication between:
- ftp servers/clients (ftp-proxy)
- some ftp-servers (trusted) with my mgt_if workstations (ftp-proxy)

So now, I want to first realise monitoring from intra_if ( to mgt_if (
The FW should grant ssh, vnc, snmp (161-162) to mgt_if
That's it
The host ( have already a route to communicate with mgt_if (route add
But I cannot add a route on the mgt_if hosts to intra_if (route add That is the reason I was thinking I can work with a NAT to realise this.
Thanks in advance again