On 9/3/05, Chris Buechler <cbuechler at gmail dot com> wrote:
> then it doesn't seem to be using that gateway.
> but... Just saw something. That interface is named "portal", assuming
> you're using captive portal on it? I believe that'll drop any traffic
> coming into the interface without regard to the state table because
> it's ipfw at that stage until authenticated, at which point ipfilter
> takes over and states will again apply.
> so what you probably want to try is taking out your NAT rule and
> putting in an exception in captive portal for your AP. I'd be
> interested in hearing if that works.
Is this the setting in Captive Portal named "Allowed IP Addresses"? If it
is, then yes. The IP of the AP (192.168.100.31 <http://192.168.100.31/> and
192.168.100.32 <http://192.168.100.32/>) is allowed with a direction of
If you are referring to pass-through MAC, the MAC addresses of the APs are
I still can't access OPT1 devices from LAN. (although I must also reiterate
that upon doing this, I dont want OPT1 devices to access PCs from LAN.)
> if you enable outbound NAT, you'll need NAT rules that map you to your
> WAN IP when going out to the internet.
I tried this and it worked but I still don't know the security issues of
enabling this. And OPT1 can no longer access my website that is hosted under
It seems that i enable some and lose some =(