[ previous ] [ next ] [ threads ]
 
 From:  Steve Yates <steve at teamITS dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Getting m0n0wall up and running.
 Date:  Tue, 30 Aug 2005 23:54:21 -0500
On Tue, 30 Aug 2005 21:28:38 -0700 (PDT)
Robert <robertedstrom at yahoo dot com> wrote:

> configuration to work when I switch the function of
> both interfaces from lan to wan.  I can't ping out
> from either interface.  It only works if tl0 is lan
> and de0 is wan.  Any idea why?

	Yes...a router routes between two different networks (subnets).  You
are probably confusing m0n0wall by telling it both your NICs are on the same
network.  If you want them to be on the same subnet - perhaps between your
PCs and your broadband router - you should bridge the two sides together. 

	Unfortunately m0n0wall doesn't let us bridge a LAN and WAN interface,
you must add a third NIC and bridge the WAN with OPT1.  You can still
connect on the LAN interface if you plug it into another switch - i.e.,
don't plug it into the same wired network as either WAN or OPT1.  Otherwise
it gets confused about seeing packets from "itself."  Best thing is to stick
a second NIC in another PC, or set up another box to connect only to the
m0n0wall box.  Yes, you finally have a use for all those old NICs.

	Once you get bridging up, make sure you have added firewall rules to
allow incoming and outgoing traffic on both the WAN and OPT1 sides.  Now you
should be able to ping "across" your bridge.

- Steve Yates
- Out the 10Base-T, through the router, down the T1, over the leased line, off the bridge, past the
firewall.... nothing but Net.

~ Taglines by Taglinator - www.srtware.com ~