 From:  Alex Dyas <alex dot dyas at psineteurope dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] M0n0wall
 Date:  Mon, 24 Jan 2005 19:16:13 +0100
Chris Buechler wrote:
> On Mon, 24 Jan 2005 17:01:43 +0100, Alex Dyas
> <alex dot dyas at psineteurope dot com> wrote:
>>However, no matter what I try I cannot get ssh working from the Internet
>>to any of the machines.  Logging on M0n0wall shows that the traffic is
>>accepted right to the machine, but blocked going back out.  A tcpdump on
>>the machine verifies that it does see the incoming traffic, and that it
>>tries to reply.
> Sounds like the return traffic is hitting NAT on the way out.  Enable
> advanced outbound NAT and it should route it back out rather than
> trying to NAT it.
> -Chris

Excellent, it works.  So why is that?  I'm guessing because I'm using 
public IPs behind the firewall, where a more conventional setup would 
use a private address space and NAT?

Thanks again :)


-= Alex Dyas , UNIX , DC Ops , PSINet , Geneva =-