Kim C. Callis wrote:
> I have a client that has cameras connected wirelessly to a monowall
> box. They also have a seperate network for the internal services. The
> want to be able to view the cameras on the 172 network, but they want
> nothing coming into the internal network. I tried to place a static
> route onto the monobox, but when I connected it to the switch, it
> started serving up 172 address to clients that should have been served
> up been served up by the 192 dhcp server.
> 
> Is there an easy way to provide access to the 172 router from the 192
> side of the network (and keep in mind that that lan is not attached in
> any way to the 172). The IT guy doesn't want (or maybe doesn't know
> how) to add a static route on his side of the network.

Lets get this straight (apologies for the bad ASCI):

                                  Internet
                                     |
                                Internet router
                                     |
                 .-------------------'--------------------.
      Some subnet (10.1.1.1/24)                Same subnet (10.1.1.2/24)
                 |                                        |
              m0n0wall                              Internal router
                 |                                        |
               172/24                                   192/24

If this is the case, then you add a static route on m0n0wall to 192/24 
with a gateway of 10.1.1.2 (and be sure to allow incoming traffic from 
192/24).

However, the other admin MUST also put a static route to 172/24 with a 
gateway of 10.1.1.1 (and add firewall rules if they don't have a 
stateful firewall).

No easy ways here, the other router must be modified or the traffic will 
go to the internet router.

Jeb

-- 

Jeb Campbell
jebc at c4solutions dot net