|
||||||||
-----Original Message----- From: Greg Sims [mailto:greg underscore sims at earthlink dot net] Sent: donderdag 23 oktober 2003 18:40 To: m0n0wall at lists dot m0n0 dot ch Subject: [m0n0wall] Network Access from Dial-Up: Plan B Thank-you to those who helped me get a modem to PPTP connection established into m0n0wall. I was able to establish the connection but the performance is such that the interface is not usable. I need to move on to "Plan B". My Plan B is to open a port on the firewall that passes traffic to a specific host on the LAN interface of m0n0wall. I thought I would start with a Big hole in the firewall just to get started and limit the size of the firewall hole as I gain experience. I added the following rule to the firewall: Interface=WAN, Protocol=any, Source=any, Source Port=n/a, Destination=Single Host/192.168.0.3, Destination Port=n/a, Fragment=null My understanding is this should redirect any traffic that originates on the WAN to host 192.168.0.3. >> This is wrong. This only opens a hole (a big one :), but it does not >> redirect the traffic (and since private ranges are not routed over the >> internet, you will not be able to use the internal address as a destination >> for ex. a ping). In firewall > NAT > Inbound, you'll have to add a NAT rule >> that redirects a PORT or PORT RANGE to your internal server. >> To do this, you would have to know which services you want to make >> available to the internet, and look up their port numbers. >> Joachim The WAN interface to m0n0wall is a static ip address, let's call it 123.456.789.1. I first tested host 192.168.0.3 from the LAN side of the network with a ping which worked. I then shut down my LAN connection and used a modem to connect to the internet. I issued the following command: "ping 123.456.789.1". I believe this ping should be redirected to the 192.168.0.3 host on the LAN side of m0n0wall. This host (192.168.0.3) should be able to respond to the ping as there is also a firewall rule that allows the LAN to go anywhere: Interface=LAN, Protocol=any, Source=any, Source Port=n/a, Destination=any, Destination Port=n/a, Fragment=null Unfortunately I receive a Ping timeout when I ping the WAN IP address from the Internet via modem. Any ideas you have getting this sorted out would be appreciated! Greg --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch ----------------------------------------------- MISSION STATEMENT ----------------------------------------------- Océ enables its customers to manage their documents efficiently and effectively by offering innovative print and document management products and services for professional environments. ----------------------------------------------- DISCLAIMER ----------------------------------------------- This e-mail message and any attachment are intended for the sole use of the recipient(s) named above and may contain information which is confidential and/or protected by intellectual property rights. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form) by other persons than the designated recipient(s) is prohibited. If you have received this e-mail in error, please notify the sender either by telephone (0032-2-729.48.11) or by e-mail and delete the material from any computer. Oce-Belgium/Oce-Interservices is nor responsible for the correct and complete transfer of the contents of the sent e-mail, neither for the receipt on due time. This e-mail message does not bring about a contractual obligation for Oce-Belgium/Oce-Interservices. Thank you for your cooperation. For further information about Oce-Belgium/Oce-Interservices please see our website at www.oce.be ----------------------------------------------- |