[ previous ] [ next ] [ threads ]
 
 From:  =?iso-8859-1?Q?Eleazar_Mart=EDnez?= <eleazar dot martinez at technosoft dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  NAT 1:1 problem
 Date:  Fri, 1 Apr 2005 12:11:24 -0600
I'm trying to setup my m0n0 box as follows:

LAN: IP 192.168.0.1/24
WAN: IP 192.168.1.1/24 GW 192.168.1.2
OP1: IP 192.168.2.1/24

I have a server in OP1 with the IP 192.168.2.10. I want the server to be
accessible (all ports/protocols) from the WAN side at the public ip address
192.168.1.10. I add a NAT 1:1 on WAN with external 192.168.1.10 and internal
192.168.2.10. Rules for the firewall on WAN permit traffic for destination
192.168.2.10 and on the OP1 I allow all traffic. My setup doesn't seem to
work...

Without the addition of the OP1 interface everything works fine.

On the WAN I have disabled the checkbox for "Block private networks".

Do you see any problems with the above setup?

Some extra fun that might be causing problems: from the WAN side there will
be coming packets from 192.168.0.0/24 (thanks to a vpn router) directed to
192.168.1.10. Is this a problem because the packets will 'look' like they
come from my LAN (192.168.0.0/24)? Do I have to tell it somehow to not route
those packets to the LAN but send them using NAT to OP1 (a static route
maybe)? And, lastly, am I just trying to do something that isn't possible
with the packages that m0n0 uses internally?

By the way... I don't need any connection between LAN and OP1 at all so it's
ok if they cannot see each other.

Thanks in advance.