I really want to use m0n0wall because of its ease of configuration and traffic shaping features. I've got things working, more or less, but right now the Cisco is blocking all ports that didn't open a connection outward. The network looks something like this:

Client1 (10.0.0.20) <--> (10.1.1.1) LAN M0n0wall WAN (192.168.1.2) <--> (192.168.1.250) LAN Cisco WAN (Dynamically assigned IP)

I'm having to run NAT on the Cisco, and now have dual layers of NAT, which I really wanted to avoid; I wanted to provide an unfiltered connection to the m0n0wall box. My ISP doesn't support static IPs on ISDN anymore, however.

The problem that I'm having with the setup is that I don't know enough IOS to configure the Cisco so that all inbound packets, regardless of connection status and port number, get forwarded to the WAN port on m0n0wall. My connection is BRI ISDN. On my old PipeLine 75 there was a feature that would allow you to map all ports to a default inside IP. I don't see a similar ability on the Cisco, or I don't know where to look. I'd just use the PipeLine, but it doesn't seem to be able to deal with dynamic IPs on the WAN interface. I think there may be a way to set up an ACL to do this, but I don't really understand ACLs well at all. Can anyone provide any help?

My config on the Cisco looks like this:

!
version 12.0
no service pad
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log datetime
no service password-encryption
service compress-config
!
hostname Router
!
logging buffered 4096 informational
logging console informational
enable password XXXXXXXXX
!
ip subnet-zero
ip name-server 205.171.3.65
isdn switch-type basic-ni
!
!
!
interface Ethernet0
 ip address 192.168.1.250 255.255.255.0
 no ip directed-broadcast
 ip nat inside
!
interface BRI0
 no ip address
 no ip directed-broadcast
 ip nat outside
 encapsulation ppp
 dialer rotary-group 0
 isdn switch-type basic-ni
 isdn spid1 XXXXXXXXXXXXXX
 isdn spid2 XXXXXXXXXXXXXX
 isdn timeout-signaling
 no fair-queue
 compress stac
!
interface Dialer0
 ip address negotiated
 no ip directed-broadcast
 ip nat outside
 encapsulation ppp
 dialer in-band
 dialer idle-timeout 200000
 dialer string XXXXXXXXXX
 dialer hold-queue 10
 dialer load-threshold 1 outbound
 dialer-group 1
 no fair-queue
 compress stac
 ppp authentication chap callin
 ppp chap hostname XXXXXXXXXXXXXXXXXX
 ppp chap password 7 XXXXXXXXXXXXXXXXXXX
 ppp multilink
!
ip nat inside source list 101 interface Dialer0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip list 101
!
line con 0
 transport input none
 stopbits 1
line vty 0 4
 password XXXXXXXXXX
 login
!
end

Router#show v
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 1600 Software (C1600-Y-M), Version 12.0(17a), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Sun 10-Feb-02 23:08 by kellythw
Image text-base: 0x02005000, data-base: 0x02460138

ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
ROM: 1600 Software (C1600-RBOOT-R), Version 12.0(3)T, RELEASE SOFTWARE (fc1)

Router uptime is 1 hour, 19 minutes
System restarted by power-on
System image file is "flash:c1600-y-mz.120-17a.bin"

cisco 1604 (68360) processor (revision D) with 18432K/6144K bytes of memory.
Processor board ID 20454685, with hardware revision 00000003
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
1 Ethernet/IEEE 802.3 interface(s)
1 ISDN Basic Rate interface(s)
U interface with external S bus interface for ISDN Basic Rate interface.
System/IO memory with parity disabled
8192K bytes of DRAM onboard 16384K bytes of DRAM on SIMM
System running from RAM
7K bytes of non-volatile configuration memory.
4096K bytes of processor board PCMCIA flash (Read/Write)

Configuration register is 0x2102