[ previous ] [ next ] [ threads ]
 From:  =?iso-8859-2?Q?Peter_Parni=E8an?= <peter at procad dot sk>
 To:  "Seth Martin" <SethM at turbinegenerator dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] NAT bug - reaching LAN AP from internet
 Date:  Mon, 15 Aug 2005 15:58:28 +0200
Hi, im not using VPN, yet.
My m0n0 is, all users IP from 100.10 - to 100.50, main AP is 
100.100:81, second AP 100.200:82

..so all devices are in same subnet!


----- Original Message ----- 
From: "Seth Martin" <SethM at turbinegenerator dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, August 15, 2005 3:34 PM
Subject: RE: [m0n0wall] NAT bug - reaching LAN AP from internet

Can you provide the details of all your access point subnets, maybe it's a 
routing issue with the gateway when logged into the vpn.  What subnet is the 
VPN assigned, What subnet are your Access points running on.

-----Original Message-----
From: Peter Parnièan [mailto:peter at procad dot sk]
Sent: Monday, August 15, 2005 9:19 AM
To: James McKeand; m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] NAT bug - reaching LAN AP from internet

Hi, of course im not trying access NATed services by the public IP address
from LAN!
Im in my office conected with DSL (20km far from home) and im trying to
reach my vilage-network APs. Users in my network are connected wireless to

I wolud like to reach  AccesPoint behind mono. (now im doing this way:
conect to my PC using VNC, and from my PC located in LAN side  i can open
webadmin page of AP located in LAN) But i cant do it directly to AP from my
office with PROPERLY set NAT rules. (auto-creation firewall rule etc..)
There is somethings with mono... (NAT is working but not properly, i can
reach PC, routers but not AP... ..If i use normal router its no problem to
reach any device)
What are routers passing and mono doesnt?

Anyway, James - thx. for reply!

----- Original Message ----- 
From: "James McKeand" <james at mckeand dot biz>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, August 15, 2005 2:54 PM
Subject: RE: [m0n0wall] NAT bug - reaching LAN AP from internet

Peter Parnièan wrote:
> Hi guys,
> i have find some problem with NAT.  (this have been asked more than
> 20times in Czech and Slovak m0n0wall disscusion group and more people
> had same  results!!!)
> m0n0 is blocking somethings what shouldnt...
> I have set NAT rules:
> if WAN IP and port 5900 go to local IP
> (my PC with VNC) and its working OK
> Than i have in my LAN AccessPoint, therefore i set
> rules:
> if WAN IP and port 81 go to local IP
> and this is NOT working !!! (its AP ovislink1120)
> But from LAN i just type and there is no problem.
> Than i have same hardware ovis1120 but i have changed firmaware to
> router, so it no more like AP and this can be reached from internet.
> I did same NAT steps with normal router (cisco) and its working great
> also with AP (any device can be reached using NAT) .  It looks like
> router is passing somethings what mono dont.
> But what it can be? ...mono stop some layer or what? ...i really
> don't undestant

Hate to ask the obvious questions, but here they are:

Are you trying to access the public IP ( from the LAN (i.e.
private IP - 192.168.100.x)? If so - classic LANNAT issue...

The next question is when you created the NAT rule did you allow the
auto-creation of the firewall rule? Maybe auto-create should be the default
on inbound NAT?