[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Problems with sshing to an internal machine
 Date:  Tue, 14 Dec 2004 18:46:12 -0500
On Tue, 14 Dec 2004 06:34:57 -0700, tzadikem at picosecond dot com
<tzadikem at picosecond dot com> wrote:
>    I can't seem to get m0n0wall to forward from IP to another (1:1 NAT).
>    Currently our m0n0wall has an address of
>    64.207.38.2 with a 1:1 NAT of 64.207.38.4 --> 192.168.1.160.  When I try
>    to ssh to 64.207.38.4 I don't see anything in
>    the M0n0wall logs nor do I seen anything on my Red Hat Server.  My guess
>    is that M0n0wall is not sending
>    the request forward.   Any idea how to go about figuring this out since
>    the logs are very vague and don't mean a whole
>    lot in M0n0wall.  By the way, I have not problem SSHing from my pc to the
>    Red Hat Server (internall).
> 

They aren't horribly vague at all (though they could certainly be
improved), in this situation if t drops a packet, it logs it.  Nothing
in the firewall logs showing it get dropped?  And you've added an
appropriate firewall rule to allow the traffic in?

Is your 1:1 NAT working properly?  

from 11.1.6.2 on this page http://m0n0.ch/wall/docbook/examples.html#id2597993
--
You can test the 1:1 NAT we just configured by going to whatismyip.com
on the machine configured for 1:1. If you don't have a GUI, lynx will
work, or you can fetch or wget the URL and cat the resulting file.
(fetch http://whatismyip.com && cat whatismyip.com | grep "IP is").

You should see the IP is the one you just configured in 1:1 NAT. If
you get an IP other than the one you configured in 1:1, there is a
problem with your configuration.
--

-Chris