[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Advanced Outbound NAT
 Date:  Sun, 31 Jul 2005 19:06:15 -0400
On 7/30/05, Joe Walton <jwalton at kappanetworks dot com> wrote:
> LAN on Router A can all access the internet fine.  But hosts at LAN B and
> LAN C (not pictured) cannot.  There is a LAN side denial showing up on the
> m0n0wall for any subnet other than the /24 of the m0n0wall trying to go out.

Sounds like you haven't added static routes.  The antispoofing rules
will drop that traffic, because it can't return it to that source
network on the LAN interface.  Add static routes on the LAN interface
and everything will work.

you don't need advanced outbound NAT in this scenario, so if that
doesn't work I'd imagine you messed up something there.  I'd just
disable it.