[ previous ] [ next ] [ threads ]
 
 From:  "Seth Martin" <SethM at turbinegenerator dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] NAT bug - reaching LAN AP from internet
 Date:  Mon, 15 Aug 2005 09:34:36 -0400
Can you provide the details of all your access point subnets, maybe it's a routing issue with the
gateway when logged into the vpn.  What subnet is the VPN assigned, What subnet are your Access
points running on. 

-----Original Message-----

Sent: Monday, August 15, 2005 9:19 AM
To: James McKeand; m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] NAT bug - reaching LAN AP from internet

Hi, of course im not trying access NATed services by the public IP address 
from LAN!
Im in my office conected with DSL (20km far from home) and im trying to 
reach my vilage-network APs. Users in my network are connected wireless to 
mono.

I wolud like to reach  AccesPoint behind mono. (now im doing this way: 
conect to my PC using VNC, and from my PC located in LAN side  i can open 
webadmin page of AP located in LAN) But i cant do it directly to AP from my 
office with PROPERLY set NAT rules. (auto-creation firewall rule etc..)
There is somethings with mono... (NAT is working but not properly, i can 
reach PC, routers but not AP... ..If i use normal router its no problem to 
reach any device)
What are routers passing and mono doesnt?

Anyway, James - thx. for reply!
pet.


----- Original Message ----- 
From: "James McKeand" <james at mckeand dot biz>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, August 15, 2005 2:54 PM
Subject: RE: [m0n0wall] NAT bug - reaching LAN AP from internet



> Hi guys,
> i have find some problem with NAT.  (this have been asked more than
> 20times in Czech and Slovak m0n0wall disscusion group and more people
> had same  results!!!)
> m0n0 is blocking somethings what shouldnt...
>
> I have set NAT rules:
> if WAN IP 213.215.104.75 and port 5900 go to local IP
> 192.168.100.150:5900 (my PC with VNC) and its working OK
>
> Than i have in my LAN AccessPoint 192.168.100.100:81, therefore i set
> rules:
>
> if WAN IP 213.215.104.75 and port 81 go to local IP
> 192.168.100.100:81 and this is NOT working !!! (its AP ovislink1120)
> But from LAN i just type 192.168.100.100:81 and there is no problem.
>
> Than i have same hardware ovis1120 but i have changed firmaware to
> router, so it no more like AP and this can be reached from internet.
>
> I did same NAT steps with normal router (cisco) and its working great
> also with AP (any device can be reached using NAT) .  It looks like
> router is passing somethings what mono dont.
>
> But what it can be? ...mono stop some layer or what? ...i really
> don't undestant

Hate to ask the obvious questions, but here they are:

Are you trying to access the public IP (213.215.104.75) from the LAN (i.e. 
private IP - 192.168.100.x)? If so - classic LANNAT issue... 
http://www.m0n0.ch/wall/docbook/faq-lannat.html

The next question is when you created the NAT rule did you allow the 
auto-creation of the firewall rule? Maybe auto-create should be the default 
on inbound NAT?

_________________________________
James W. McKeand


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch