I am pretty sure I have it solved not.
I changed the rules for the WAN. Instead of using the public IP's, I
substituted the private IP's in the WAN rules.

Now I am able to get access from outside in for a given webserver.

old rules
WAN - ANY - ANY - aa.43.155.34 http
WAN - ANY - ANY - aa.43.155.34 https

new rules
WAN - ANY - ANY - 192.168.222.4 http
WAN - ANY - ANY - 192.168.222.4 https

Does anyone disagree with this ??? and why ??

- Don


On Sat, 26 Mar 2005 22:34:04 -0500, Don Munyak <don dot munyak at gmail dot com> wrote:
> btw... from the firewall log I can see the traffic being blocked to
> the webserver IP's
> 
> I am using a laptop with a dial-up account separate from our corparate
> lan, trying to gain access to our webservers
> 
> - Don
> 
> 
> On Sat, 26 Mar 2005 22:22:14 -0500, Don Munyak <don dot munyak at gmail dot com> wrote:
> > I have installed m0n0wall 1.11
> > I can get out to the internet from my workstation (hence this post)
> > I have configured 1:1 nat for the web server's on the LAN side of m0n0wall
> > I am trying to allow inbound traffic to our webservers.
> >
> > WAN aa.43.155.34 /32  192.168.222.5 /32  www
> > WAN aa.43.155.36 /32  192.168.222.6 /32  www
> > WAN aa.43.155.38 /32  192.168.222.8 /32  www
> > WAN aa.43.155.39 /32  192.168.222.9 /32  www
> >
> > For the Rules
> >
> > WAN - ANY - ANY - aa.43.155.34 http
> > WAN - ANY - ANY - aa.43.155.34 https
> > WAN - ANY - ANY - aa.43.155.36 http
> > WAN - ANY - ANY - aa.43.155.36 https
> >
> > I am not getting any inbound webserver traffic.
> >
> > I also set Proxy Arp for network range aa.43.155.33 - aa.43.155.46
> > where the useable IP range is 14 IP's
> >
> > aa.43.155.32 / 28 network
> > aa.43.155.33 ethernet port on the router
> > aa.43.155.45 wan port on m0n0wall
> > 192.168.222.1 lan port on m0n0wall
> >
> > How do I get inbound traffic to the servers we are hosting ?
> >
> > Thanks,
> >
> > - Don
> >
>