[ previous ] [ next ] [ threads ]
 From:  =?WINDOWS-1252?B?lSCV?= <googl3meister at gmail dot com>
 To:  Angus Jordan <angus dot jordan at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Subnet behind a router behind m0n0wall...
 Date:  Wed, 25 May 2005 07:37:24 +1000
On 5/25/05, Angus Jordan <angus dot jordan at gmail dot com> wrote:
> Hello all,
> I have a network setup as follows:
> <> -> Win2k RAS ->
><>-> m0n0wall
> When I try to access the internet from the 192.168.100.x network, I get
> firewall denied logs in m0n0wall (v1.2 b7).

Sounds as though you have only one default rule for outbound traffic,
which by default is:
allow all from internal LAN SUBNET to external (and keep state)

However, your internal LAN subnet is and your clients
are at - ie: a different subnet != LAN subnet.  If
your internal LAN was a /16 instead a /24 then it would Just Work
(TM), broadcast issues etc aside.

Duplicate the last rule (assuming you haven't added any yet) and
change the source to "network", address range and you
should be OK.