[ previous ] [ next ] [ threads ]
 
 From:  "James McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] NAT bug - reaching LAN AP from internet
 Date:  Mon, 15 Aug 2005 07:54:47 -0500
> Hi guys,
> i have find some problem with NAT.  (this have been asked more than
> 20times in Czech and Slovak m0n0wall disscusion group and more people
> had same  results!!!)
> m0n0 is blocking somethings what shouldnt...
> 
> I have set NAT rules:
> if WAN IP 213.215.104.75 and port 5900 go to local IP
> 192.168.100.150:5900 (my PC with VNC) and its working OK 
> 
> Than i have in my LAN AccessPoint 192.168.100.100:81, therefore i set
> rules: 
> 
> if WAN IP 213.215.104.75 and port 81 go to local IP
> 192.168.100.100:81 and this is NOT working !!! (its AP ovislink1120)
> But from LAN i just type 192.168.100.100:81 and there is no problem.  
> 
> Than i have same hardware ovis1120 but i have changed firmaware to
> router, so it no more like AP and this can be reached from internet. 
> 
> I did same NAT steps with normal router (cisco) and its working great
> also with AP (any device can be reached using NAT) .  It looks like
> router is passing somethings what mono dont.  
> 
> But what it can be? ...mono stop some layer or what? ...i really
> don't undestant 

Hate to ask the obvious questions, but here they are:

Are you trying to access the public IP (213.215.104.75) from the LAN (i.e. private IP -
192.168.100.x)? If so - classic LANNAT issue... http://www.m0n0.ch/wall/docbook/faq-lannat.html

The next question is when you created the NAT rule did you allow the auto-creation of the firewall
rule? Maybe auto-create should be the default on inbound NAT?

_________________________________
James W. McKeand