|
||||||||
Even with CP off it won't allow me out on the web with NAT disabled. So, it has nothing to do with the radius auth in the CP that's for sure. "block private networks" is unchecked as well. Any other ideas? Could I send you my config? Thanks, dale -----Original Message----- From: Chris Buechler [mailto:cbuechler at gmail dot com] Sent: Monday, October 10, 2005 4:35 PM Cc: m0n0wall at lists dot m0n0 dot ch Subject: Re: [m0n0wall] NAT and network monitoring, please help On 10/10/05, Thibodeau, Dale <dthibode at uwc dot edu> wrote: > Will I then need to configure an outbound NAT rule manually? Checking > the "enable advanced outbound NAT" is preventing users from logging > into the captive portal. > hrm, not sure why disabling NAT would mess up CP. Everything works with NAT disabled and CP disabled? You can leave NAT on if you want, you'll have to setup 1:1 NAT entries with proxy ARP'ed IP's on your WAN side to get to the devices behind the m0n0wall in that setup (using the WAN side 1:1 NAT'ed IP's, not the IP's behind m0n0wall). You shouldn't need NAT at all since both sides of m0n0wall are on private network space. What you're doing now is NAT'ing them at m0n0wall, then NAT'ing them again before they leave your network for the Internet. Double NAT'ing isn't recommended, NAT is enough of a kludge when you only do it once. also make sure "block private networks" isn't selected on the WAN interface page. -Chris --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |