Re: [m0n0wall] Accessing ADSL Router box on WAN side of m0n0wall

From:	"Tom Anderson" <tom at haremail dot net>
To:	"Jack Challen" <jack underscore challen at ocsl dot co dot uk>, <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Accessing ADSL Router box on WAN side of m0n0wall
Date:	Wed, 12 Oct 2005 10:14:33 -0700

My situation is similar. I put my m0n0wall first, then put the router on the
OPT1 interface. I disabled DHCP on the router and use static IP addresses on
everything (but you could use either the DHCP from your router or from the
m0n0wall if you don't want to use static IP's. My LAN interface has only my
wife's computer and mine on it and my 5 kids are all on the OPT1 with the
router. This seems like a strange setup, but I do it so I can have time and
day based rules on the kid's interface to limit internet usage to reasonable
hours on school days.

----- Original Message -----
From: "Jack Challen" <jack underscore challen at ocsl dot co dot uk>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, October 12, 2005 9:12 AM
Subject: [m0n0wall] Accessing ADSL Router box on WAN side of m0n0wall


> Hi all,
>
> Just upgraded to m0n0 1.2, and it's just as great as I'd hoped. Thanks!
>
> I'm using m0n0wall to protect my home network (192.168.3.0/24) from the
> internet. I'm connected to the internet by an ADSL router (D-Link
> DSL300-T) running in bridge mode, then doing the PPP authentication from
> m0n0wall as PPPoE. This is (or has been) utterly, utterly reliable.
>
> The one thing I want to do is to get access to the router's (sucky) web
> interface from inside my LAN. My router's configured as 192.168.3.222,
> but it's obviously on the WAN side of the firewall. You can still access
> it while it's in bridge mode, but because it's on the "wrong" side of
> the firewall, ARP requests don't make it across; it's a private network
> connected to the public interface.... you get the idea.
>
> I thought I might be able to do Nasty Stuff with the Proxy Arp, but it
> doesn't appear to do what I mean. Am I using the wrong tool? Is this
> even possible? (I can shift the DSL's IP address if it makes things
easier).
>
> Hopefully unnecessary network diagram:
>
> --------------+       +------+        +-------------+
> 192.168.3.0   |      L| m0n0 |W       |192.168.3.222|
> /24  (LAN)    +-------+ .3.1 +--------+ADSL Router  +---Internet
> --------------+       +------+        +-------------+
>
>
> Apologies if this is a FAQ, but I have looked.
>
> thanks in advance.
> jack
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>



-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.11.14/129 - Release Date: 10/11/2005