[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] No traffic LAN -> Internet but Internet -> WAN?
 Date:  Tue, 12 Apr 2005 00:13:04 -0700 (PDT)
On Mon, 11 Apr 2005, H H wrote:

> No traffic from either LAN, OPT1 or the WAN interfaces can reach my
> ISP:s gateway...
> There are no firewall rules except passing all out to any from OPT1
> and LAN, nothing is logged except the ICMP packets being passed.
> Now, get this, I get incoming traffic from the net as I see plenty of
> worms being logged when they hit my WAN interface.
> I already tried switching to other NIC:s - same result. Connecting a
> PC straight to my DSL router gives me access instantly as does booting
> into my old Smoothwall config.

On Mon, 11 Apr 2005, Quinten Uijldert wrote:

> Have you tried the following on your m0n0 box? Go to 
> http://ip.of.mono.box/exec.php and enter these two commands:
> route delete default
> route add default -interface -link dc0 (<- change dc0 into your wan ifc)

And if you do that, how is it supposed to know what MAC address to use for
the gateway, when it doesn't have a gateway IP to ARP?  You can get away
with "interface granularity" routes on point-to-point links (including
PPTP and PPPoE), but not on "broadcast" links.

On Mon, 11 Apr 2005, Chris Buechler wrote:

> Can you ping your ISP's default gateway from the ping page under
> Diagnostics on m0n0wall?

That's certainly the first thing I'd try.

> I'd also try what Quinten posted, if your ISP uses shoddy network

See above.

> numbering where the WAN IP's gateway isn't within the WAN subnet, that
> should resolve it.  You can try running 'route get default' first to
> see if it comes back with anything, if not, that's your problem.

It must have *some* default route if it's duplicating the SmoothWall
config, though he doesn't say whether it's obtained statically or

Adding a "link" route to the *gateway* (specifying its IP) could get
around the screwed-up addressing, but that should be *in addition to* the
default route pointing at the gateway.

					Fred Wright