[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] m0n0wall blocking pings
 Date:  Mon, 8 Aug 2005 23:33:52 -0400
On 8/8/05, Eric Hilden <eric at linkednetworks dot com> wrote:
> Everything works great from the LAN side getting out to the Internet and
> pinging other machines on the network in different subnets but I cannot ping
> anything on any interface except the WAN from outside of m0n0wall.
> 

Of course you can't - it's NAT'ing everything, and isn't going to
allow anything to be routed back to its LAN side.

If you need routing in a setup like this (if you eventually plan to
replace the Linksys, I wouldn't do this) then enable advanced outbound
NAT without any NAT rules to disable NAT, and put a static route in
your Linksys (if those things are even capable, I don't recall
offhand) pointing the 192.168.2.0/24 network to 192.168.1.104
(m0n0wall's WAN IP).  Then given the rules you already have, you'll be
able to ping and do whatever else you want on the LAN subnet.

-Chris