[ previous ] [ next ] [ threads ]
 
 From:  Daniele Guazzoni <daniele dot guazzoni at 81 dot 221 dot 12 dot 156>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Question on how to tunnel IP address
 Date:  Tue, 23 Aug 2005 03:15:52 +0200
Andrew,

if I correctly understand your mail you are mixing up public-ip with 
private-ip...
If your internal adresses are in one of the ranges
10.0.0.0        -   10.255.255.255
172.16.0.0      -   172.31.255.255
192.168.0.0     -   192.168.255.255
you will not be able to connect it from outside via a rule.
Those are private-ip and are not routed on the internet.

You will have to configure IPsec on m0n0wall to create tunnels.
Either your friends also have a m0n0wall and you can use m0n0-m0n0 
tunnels or they will have to install some VPN-Client.

Look at the m0n0wall documentation and/or search the list to find out 
how to configure IPsec.

Did I answer your question ?


Daniele


Andrew Batson wrote:
> Hello,
> 
> 	I am trying to allow some friend(s) I know to connect to a computer
> game I have. I know there IP address they are coming from and have add a
> rule to allow then in but M0n0Wall keeps blocking them.
> 
> 	What I did was create a rule on the WAN to allow the specific IP
> address to pass though to the Private IP address of the PC I am playing the
> game on. 
> 
> 	For example: Outside world IP address is "aaa.bbb.ccc.ddd" 
> 			 Private IP address of the PC I want to allow them
> to connect to is "123.456.789.000". 
> 
> 	  So I create a WAN Rule as follows:
> 
> 		Action: PASS
> 		Disabled: uncheck
> 		Interface: WAN
> 		Protocol: TCP/UDP
> 		Source - Type: Single
> 			Address: aaa.bbb.ccc.ddd
> 		Source port range - from: any
> 					    to: any
> 		Destination - Type: Single
> 			     Address: 123.456.789.000
> 		Destination port range - from: any
> 						   to: any
> 		Fragments: uncheck
> 		Log:	Uncheck
> 		Description: Test rule
> 
> 	However, the firewall keeps blocking the IP Address. Is there any
> way to tunnel a IP address from the outside world to the private IP address
> behind the Firewall? I am a little confused here? If some one could give me
> a example that they know works that would be of great help. Or is it not
> possible to do this at all.
> 
> 
> -Thanks for your help,
> Dyslextic
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

-- 



	best regards

------------------------------------------------------------------
Daniele Guazzoni
Senior Network Engineer, CCNA, CCNP

Ackersteinstrasse 203
CH-8049 Zurich
------------------------------------------------------------------
"Destiny is not a matter of chance, it is a matter of choice;
it is not a thing to be waited for, it is a thing to be achieved."
					William Jennings Bryan