I'm trying to learn how to set up a small residential gateway using OpenBSD 5.1.
The NIC cards:
- dc0 card on 192.168.2.0/24 network (considered an external network), having 192.168.2.2 IP address.
- rl0 card not used at this point.
- rl1 card on 192.168.1.0/24 network (considered the internal network), having 192.168.1.1 IP address.
I want to make the OpenBSD machine a router for rl1:network using NAT. But when trying to ping from a host in rl1:network (192.168.1.50) a host in dc0:network (192.168.2.10) I get no answer, just a message saying "No route to host".
What's wrong? Should I first create a bridge between the two networks and then filter on that bridge? Pinging between OpenBSD router and hosts in each network works OK.
The pf.conf file looks like this:
```
# Skip on loopback
set skip on lo
match out on dc0 inet from 192.168.1.0/24 to any nat-to dc0
# Allow all inbound and outbound
# Allow NAT explicit access for the match rule above
pass on dc0 inet from 192.168.1.0/24 to any
```
The output of pfctl -s rules:
```
match out on dc0 inet from 192.168.1.0/24 to any nat-to 192.168.2.2
pass out all flags S/SA
pass in all flags S/SA
pass on dc0 inet from 192.168.1.0/24 to any flags S/SA
```