 From:  "Allan D. Piske" <zyryz at terra dot com dot br>
 To:  <m0n0wall at lists dot m0n0 dot ch>, <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  Broken VLAN setup
 Date:  Mon, 18 Oct 2004 14:59:13 -0200
Hi list,

I'm trying to use m0n0 (1.2b1) as a 1-NIC (onboard sis900) firewall/router using VLANs, but
something went wrong. (I tried this before using previous versions, but none worked.)
I get DHCP on LAN (VLAN 1), I can access the WebGUI, I can also resolve DNS (through the forwarder), and
I can ping external internet addresses, but no application that uses TCP/IP passes through it. I'm
using PPPoE on WAN (VLAN 2), and my switch config is OK (3com superstack ii 1100 series).

A cut of my status.php:
------------------------------------------
sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	ether 00:d0:09:6c:54:7f
	media: Ethernet autoselect (10baseT/UTP <full-duplex>)
	status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	ether 00:d0:09:6c:54:7f
	media: Ethernet autoselect (10baseT/UTP <full-duplex>)
	status: active
	vlan: 1 parent interface: sis0
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	ether 00:d0:09:6c:54:7f
	media: Ethernet autoselect (10baseT/UTP <full-duplex>)
	status: active
	vlan: 2 parent interface: sis0
----------------------------------------------------------


Another part, on NAT:

----------------------------------------------------------
List of active MAP/Redirect filters:
map ng0 192.168.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map ng0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map ng0 192.168.1.0/24 -> 0.0.0.0/32
rdr ng0 0.0.0.0/0 port 3389 -> 192.168.1.222 port 3389 tcp
rdr ng0 0.0.0.0/0 port 8888 -> 192.168.1.222 port 8888 tcp

* Active mappings seem OK, but none actually works. I removed them because they take up too much space
and because they expose WAN IPs.

List of active host mappings:
192.168.1.222 -> 0.0.0.0 (use = 3 hv = 1133)
192.168.1.222 -> 0.0.0.0 (use = 1 hv = 1133)
--------------------------------------------------

I'm used to seeing numbers below 100 on HV, so I found that weird. Is it OK to have a high number
like that?

===============================================
Right now, I'm using another m0n0wall box, with 2 NICs (3com isa), and everything works, but I
needed to replace it with the newer one.

regards,

Allan.


