[ previous ] [ next ] [ threads ]
 
 From:  Don Munyak <don dot munyak at gmail dot com>
 To:  "Robert L. Pumphrey" <rlpumphrey at 1mage dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] m0n0wall setup 101
 Date:  Mon, 18 Apr 2005 15:02:10 -0400
If you followed the instructions for loading and setting up m0n0wall,
out of the box, you should be able to get to the internet from a
workstation on the LAN side of m0n0wall. Even pings should work.

However, for getting to network shares like a network neighborhood,
these will not go through the firewall too easily. I believe network
neighborhood is broadcast traffic which gets blocked.

For your test box you would configure:
- the WAN port to a static IP available in your existing LAN 192.168.20.0
- The LAN port could be as you said 192.168.1.1 / 255.255.255.0

Even in the default setup, you should be able to ping a workstation in
the 192.168.20.0 network. Tr ping'n another box.

From the m0n0wall LAN side:
- can you ping the LAN IP of m0n0wall.
- can you ping the WAN IP of m0n0wall.
- can you ping your network gateway address (cisco)

- Don

On 4/18/05, Robert L. Pumphrey <rlpumphrey at 1mage dot com> wrote:
> Dear M0n0wall community I could use some help.
> I know these a simply questions, But there stopping me.
> 
> I would like to add a internal firewall. From time to time we have
> Outside people come in, they have their own computers that they want
> Internet access with.  Right now if we allow them to plug in to our network
> They are on the whole of our network.  I would like to use M0n0wall so that they
> are
> On an "opt" network. It would also allow us a  DMZ for the common internet
> servers
> (web email ftp) .
> 
> Right I'm trying to setup a testbox with two NIC cards.
> I think I' having trouble setting up the static route so that My PC on the inside
> of the M0n0wall can get out to our current Network. Current network is
> "192.168.22.0" with a
> simple subnet of "255.255.255.0"  Inside of the M0n0wall can be any thing, at the
> point I have been using 192.168.1.1/24.  I have two rules defined one out one in
> both should wide open.  Do I need to do anything with NAT, ARP. At this point of
> I try to ping a box on the 192.168.22.0 subnet I get "expired in transit".  We have
> a Cicso router to the internet that I do not feel the need to touch.
> 
> Sorry these are M0nowall 101 level question, But , who someone will help.
> 
> Robert Pumphrey
> rlpumphrey at 1mage dot com
> 1MAGE Software Inc.
> 6025 S. Quebec St.
> Englewood, CO 80111
> (303) 773-1424 ex101
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>