Re: [m0n0wall] NAT via the WAN address doesn't work?

From:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] NAT via the WAN address doesn't work?
Date:	Wed, 26 Oct 2005 11:46:31 -0400

On 10/26/05, Roland Giesler <roland at giesler dot za dot net> wrote:
> I have strange problem in M0n0wall which probably has to do with the my lack
> of understanding of iptables and firewalls, but...
>
> If I NAT traffic from WAN to LAN on port 443, the attempted traffic is not
> even registered in the logs.  No block or accept entry.  Nothing, nada,
> zilch.  However, if I use a secondary IP on the WAN, it all works 100%!
> (I'm refering to adding another IP  under "Server NAT")
>

is your webGUI using https?


>
> However, when I attempt to add the WAN ip to the SERVER NAT list, M0n0wall
> informs me that:
> <quote>
> The following input errors were detected:
>
>     * The WAN IP address may not be used in a Server NAT entry.
> </quote>
>
> Does this mean that I cannot NAT from the WAN addres?

No, the interface address option on the Inbound NAT screen does that. 
Server NAT is only for IP's other than your WAN IP.


> If I set up a NAT rule from the external IP I've added under "Server NAT" it
> works 100%, but if I switch back to the default IP on the WAN port, it
> doesn't??
>
> Here's some data for the config that works.  Below that is the config that
> doesn't work.
>

config.xml, or the entire status.php page, would be much more useful. 
The bit you provided doesn't help much.

-Chris