Sharing over Ethernet 2

Ashley Aitken mrhatken at mac.com
Tue Oct 30 19:37:21 PDT 2007 

On 31/10/2007, at 3:00 AM, LuKreme wrote:

> I have a OS X 10.5 Mac Pro connected to the Internet via Ethernet  
> Port 1.  I have internet sharing enabled for both the airport and  
> ethernet port 2.
>
> No problems so far.  The Mac on the airport works fine, and the PC  
> on ethernet 2 gets an IP address, see the internet, and everything  
> works.

Welcome to the world of multi-segment LANs.  Apple's (NAT-based)  
sharing will certainly allow all the machines to access the network  
but accessing machines and other resources behind NATs (especially  
PCs) is not that easy (manually or with Bonjour).

> Trouble is, I want to punch one port through from the outside world  
> through to the PC. It's a port above 1024, so that's not an issue.
>
> The internet connection comes from a Comcast business router (cable  
> modem+router in one) and I have the router set to pass the port to  
> the Mac Pro, and this is working.  Now I need to know how to tell  
> the Mac to pass the port on to the PC.
>
> I tried googling, but nothing seemed to come up that was useful.  I  
> found some people asking the same sort of question, and found some  
> answers that applied to modifying the ipfw settings or restarting  
> natd with a custom file (and doing it after every boot).

You could probably do this but I think it would only be a partial  
solution to the situation you have.  I would recommend that you turn  
off sharing to the ethernet 2 connection (heck, even to the airport  
connection) and add static routes to each of these LANs (the airport  
and the ethernet 2).

This way you can (or should be able to) forward the particular port  
you wish to forward directly to the IP address of the PC (and it  
should be routed there).  I say "should" because some router firewall  
software only allows you to forward ports to IP addresses on the same  
segment.

Of course, multiple segments are the norm for businesses.  I have one  
at home and it all works fine once it is set-up.  If you do it this  
way you can even share a printer off the PC etc.

Just a suggestion.

Cheers,
Ashley.


--
Ashley Aitken
Perth, Western Australia
mrhatken at mac dot com
Skype Name: MrHatken (GMT + 8 Hours!)

More information about the MacOSX-talk mailing list