On 5/25/05, Angus Jordan <angus dot jordan at gmail dot com> wrote:
> Hello all,
> I have a network setup as follows:
> 192.168.100.0/24 <http://192.168.100.0/24> -> Win2k RAS ->
> 192.168.42.0/24<http://192.168.42.0/24>-> m0n0wall
> When I try to access the internet from the 192.168.100.x network, I get
> firewall denied logs in m0n0wall (v1.2 b7).
Sounds as though you have only one default rule for outbound traffic,
which by default is:
allow all from internal LAN SUBNET to external (and keep state)
However, your internal LAN subnet is 192.168.42.0/24 and your clients
are at 192.168.100.0/24 - ie: a different subnet != LAN subnet. If
your internal LAN was a /16 instead a /24 then it would Just Work
(TM), broadcast issues etc aside.
Duplicate the last rule (assuming you haven't added any yet) and
change the source to "network", address range 192.168.100.0/24 and you
should be OK.