Re: AW: AW: [m0n0wall] Help!!! Routing prolem

From:	Gerry Weaver <gerryw at ctwa dot com>
To:	Monowall Mailing List <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: AW: AW: [m0n0wall] Help!!! Routing prolem
Date:	Mon, 15 Nov 2004 17:56:33 -0600
Hi,

Sorry. When I was typing this the phone was ringing off the hook. Here's 
the working config from Linux. I can't seem to get this setup working on 
the m0n0wall box.

#!/bin/bash

WAN_IFACE="eth0"
WAN_ROUTER="xx.xx.xx.yy"
LAN_IFACE="eth1"

WAN_IP="xx.xx.xx.xx/24"
LAN_IP="192.168.1.252/24"

dhcpcd -k
sleep 5

ip link set dev $WAN_IFACE down
ip link set dev $LAN_IFACE down

ip addr add dev $WAN_IFACE $WAN_IP
ip addr add dev $LAN_IFACE $LAN_IP

ip link set dev $WAN_IFACE up
ip link set dev $LAN_IFACE up

ip route add default via $WAN_ROUTER
ip route add 192.168.3.0/24 via 192.168.1.254
ip route add 192.168.5.0/24 via 192.168.1.254
ip route add 192.168.7.0/24 via 192.168.1.254

# Masquerade local subnet
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o $WAN_IFACE -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.3.0/24 -o $WAN_IFACE -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.5.0/24 -o $WAN_IFACE -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.7.0/24 -o $WAN_IFACE -j MASQUERADE

Thanks,
Gerry

Andreas Gracco wrote:

>Yes this also doesn't work!
>
>The gateway has everytime to be in the same subnet!
>
>LAN:192.168.4.0/24:192.168.1.254
>LAN:192.168.5.0/24:192.168.1.254
>
>Where are the other router plugged to?
>
>
>	   Internet 
>		|
>		|
>[m0n0wall publicIP 192.168.1.252] (here you need to add the 2 routes above)
>				|
>				|
>  	 --LAN 192.168.1.0/24--
>            |
>		|
>[router 192.168.1.254 + 192.168.4.252] (here "dest. 192.168.5.0/24 gw 192.168.4.254" 
>				| 			and the default route to 192.168.1.252)
>				|
>	  --LAN 192.168.4.0/24--
>		|
>		|
>[router 192.168.4.254 + 192.168.5.254] (here you only need the default route to 192.168.4.252)
>				|
>				|
>	  --LAN 192.168.5.0/24--
>
>
>
>
>Hi,
>
>Thanks for the help ;) .
>
>I still can't get it to work. Here is the current config.
>
>M0n0wall Router
>
>WAN   xx.xx.xx.xx  (public)
>LAN 192.168.1.252
>
>Static Routes
>LAN:192.168.4.0/24:192.168.4.254
>LAN:192.168.5.0/24:192.168.5.254
>
>Router A:  192.168.1.254
>Router B:  192.168.4.254
>Router C:  192.168.5.254
>
>
>The 192.168.1.0 network has internet
>The other networks can ping the LAN side of the m0nowall box, but have 
>no internet
>
>Thanks,
>Gerry
>
>
>Andreas Gracco wrote:
>
>  
>
>>Hi
>>
>>I think this is why the subnet of the m0n0wall itself also is in 192.168.0.0/16, this wont work!
>>Add a rule for every subnet... like
>>
>>192.168.4.0/24 - 192.168.1.254
>>192.168.5.0/24 - 192.168.1.254
>>
>>
>>i hope this helps...
>>
>>
>>
>>
>>
>>
>>Hello All,
>>
>>I'm having a routing problem with m0n0wall. I'm trying to replace a 
>>Soekris box which was running Linux with the same running m0n0wall. My 
>>network setup is below:
>>
>>M0n0wall Router
>>
>>WAN   xx.xx.xx.xx  (public)
>>LAN 192.168.1.252
>>
>>Router A:  192.168.1.254
>>Router B:  192.168.4.254
>>Router C:  192.168.5.254
>>
>>The problem is that when I assign a static route of 192.168.0.0/16 - 
>>192.168.1.254 on the m0n0wall box, I lose internet access to all. The 
>>private nets have access to each other though. Does anyone have any 
>>thoughts?
>>
>>Thanks,
>>Gerry
>>
>>
>>
>>
>> 
>>
>>    
>>
>
>  
>

-- 
Gerry Weaver

IT-Pro Corp.

Office: (254) 883-9040
Mobile: (512) 663-9550
Fax   : (254) 883-9041