 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] *Really" strange WAN pinhole behaviour
 Date:  Sun, 8 May 2005 19:10:01 -0400
On 5/7/05, Stephan A. Rickauer <stephan at rickauer dot com> wrote:
> Guys,
> I am hoping to get some help here as I wasn't able to solve my problem myself,
> neither by spending half a day on it, nor by finding it on the web/lists etc.
> I have to admit this is the first time I am *not* using a Linux/iptables
> box ...
> We have a fairly simple setup:
>     SERVER ------- m0n0wall ------- CLIENT
> where m0n0wall's interfaces belong to private networks; WAN=,
> LAN= In the above sketch, m0n0's _right_ interface is LAN, and
> the _left_ interface is WAN. SERVER has, CLIENT is
> All I want to do is to have ssh access from the SERVER to the CLIENT (not the
> 'usual' other way around, pls. don't ask me why :) ). Dumb approach: I added
> a rule for 'WAN' allowing ssh from SERVER to CLIENT. Doesn't work, so I
> thought maybe I need to specify the reverse 'channel' separately. So I added
> a LAN rule, allowing the accordant back connection from CLIENT to SERVER.
> (btw: Is that the way to do it when not wanting NAT?)

Turn on advanced outbound NAT on the NAT screen, outbound tab, to turn
off NAT.  NAT is breaking the connection because return packets are
getting NAT'ed.