 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  Vittore Zen <drzen at gamebox dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] 2 m0n0wall - why?
 Date:  Tue, 19 Apr 2005 10:35:47 -0400
On 4/19/05, Vittore Zen <drzen at gamebox dot net> wrote:
> My network:
> 
>                        DMZ
>                         ^
>                         |
> public ip 1 <-------> m0n0 1 <----
>                                 |
>                                 +--> LAN
>                                 |
> public ip 2 <-------> m0n0 2 <----
>                         |
>                         |
>                      Wifi LAN
> 
> m0n0 2 has a static route for DMZ to m0n0 1
> m0n0 1 has a static route for Wifi LAN to m0n0 2
> 
> m0n0 1 rules permit:
> - any traffic from LAN
> - any traffic from WAN to DMZ
> - no traffic from DMZ to LAN
> 
> m0n0 2 rules permit:
> - any traffic from LAN
> - any traffic from Wifi LAN to LAN
> - no traffic from WAN
> 
> hosts in LAN can ping and connect to hosts in DMZ
> hosts in LAN can ping but not connect to hosts in Wifi LAN. Why?
> 

Sounds like you're missing a static route on m0n0 1 pointing the wifi
subnet to the LAN IP of m0n0 2.

-Chris