 From:  Kev Latimer <kev at ne23 dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Re: Re: Public IP's on OPT
 Date:  Fri, 10 Dec 2004 14:11:01 +0000

Jesse Guardiani wrote:

>Kev Latimer wrote:
>>I'm even making an arse of replying to emails now, this really isn't a
>>good day!
>>As should have said:
>>Josh - I didn't set any outbound NAT entries, OPT2 itself should (I
>>think) only be seen by the m0n0 as it is purely to be an IPSEC
>>endpoint, all the LAN traffic being routed up the tunnel.  That said, I
>>did exactly as you explained below and still no luck.  Running 1.11 on a
>>CF card on an Epia PD1000.
>>Jesse - how did you get your OPT interface to respond to pings?  If I
>>can get that bit right I think I'll stand a chance of kludging the rest
>>together :)
>Action....: Pass
>Interface.: WAN
>Protocol..: ICMP
>Source....: Any
>Source Rng: Any -> Any
>Dest......: My WAN IP Address
>Dest Rng..: Any -> Any
>I also have a rule allowing UDP 33435 -> 33524 to the same WAN IP. This
>allows traceroutes.

Is there any way at all to get an OPT interface to respond to anything 
on a public IP?  I've tried plugging it into a couple of ADSL routers on 
a number of different IPs and no matter what rules I put in place (that 
have the desired effect when applied to the WAN interface) the firewall 
logs still show all these pings, traceroutes and IPSec/ESP attempts 
being blocked.

I think I really need a definitive answer here - can I actually have 
multiple public IPs using OPT interfaces on a m0n0?  I'm tearing my 
hair out here, I cannot see what I'm doing wrong!