Re: [m0n0wall] How to access AP settings under OPT1 from LAN?

From:	Ervin Malicdem <schadow1 at gmail dot com>
To:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] How to access AP settings under OPT1 from LAN?
Date:	Sat, 3 Sep 2005 06:49:28 +0800

On 9/3/05, Chris Buechler <cbuechler at gmail dot com> wrote:
> 
> then it doesn't seem to be using that gateway.
> 
> but... Just saw something. That interface is named "portal", assuming
> you're using captive portal on it? I believe that'll drop any traffic
> coming into the interface without regard to the state table because
> it's ipfw at that stage until authenticated, at which point ipfilter
> takes over and states will again apply.
> 
> so what you probably want to try is taking out your NAT rule and
> putting in an exception in captive portal for your AP. I'd be
> interested in hearing if that works.

Is this the setting in Captive Portal named "Allowed IP Addresses"? If it 
is, then yes. The IP of the AP (192.168.100.31 <http://192.168.100.31/> and 
192.168.100.32 <http://192.168.100.32/>) is allowed with a direction of 
"From".

If you are referring to pass-through MAC, the MAC addresses of the APs are 
also listed.

I still can't access OPT1 devices from LAN. (although I must also reiterate 
that upon doing this, I dont want OPT1 devices to access PCs from LAN.)

> 
> if you enable outbound NAT, you'll need NAT rules that map you to your
> WAN IP when going out to the internet.

I tried this and it worked but I still don't know the security issues of 
enabling this. And OPT1 can no longer access my website that is hosted under 
LAN.

It seems that i enable some and lose some =(

Thanks again