[ previous ] [ next ] [ threads ]
 
 From:  Mat Johns <mbj202 at ecs dot soton dot ac dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] lan server not accessible
 Date:  Thu, 21 Oct 2004 04:21:43 +0100
Quoting Chris Buechler <cbuechler at gmail dot com>:

> On Thu, 21 Oct 2004 03:44:42 +0100, Mat Johns <mbj202 at ecs dot soton dot ac dot uk>
> wrote:
> > hi i have a very wierd prob with my m0n0wall box, basically ive just
> *found*
> > m0n0wall and made the switch from smoothie and working GREAT (esp the
> load
> > balancer :D) except i cant seem to get to open holes in the firewall!
> > 
> > im connecting via an ethernet adsl modem, both that and the m0n0wall box
> have
> > thier own public ip. i have setup on another public ip a 1:1 link with a
> lan
> > server. I have added a rule pemmiting all packets/protocols/ports to this
> lan
> > ip 
> 
> Needs to be to the public IP you mapped it to, not private.  And don't
> permit everything, only the specific port(s) you need.
> 
> -Chris
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 

It is mapped to a public ip
84.92.71.44/32 => 10.0.0.3/32
under NAT->1:1
I have a proxy arp setup for this address as it is not the firewalls main address

It *should* work as i can see in the firewall packets as passed from a source
and listing the destination as 10.0.0.3

Tick 03:14:31.311463 WAN 152.78.71.23 10.0.0.3 ICMP

and ive checked that i can actually ping from the m0n0wall using the webtool,
its definaty a puzzling one!

yeP understably way to open a firewall but its a very secure linux server it
should be ok whilst i setup to work!

~mat