Re: [m0n0wall] strange m0n0 issue

From:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] strange m0n0 issue
Date:	Tue, 1 Nov 2005 17:47:25 -0500

On 11/1/05, Phil Christensen <phil at reflexionsdata dot com> wrote:
> Hi Folks,
>
> I've started configuring a Soekris net4501 box with m0n0wall, and i'm
> running into a strange issue. I've been unable to ping the WAN
> interface of the device, so I followed the troubleshooting flowchart
> in the docs.

this looks like the one hole I knew was in that chart, but I figured
it was obscure enough that possibly nobody would actually run into it.
 :)  I'll have to fix that.

>
> WAN interface
> Gateway                xx.x.170.161
>
> LAN interface
> IP address             xx.x.170.189
> Subnet mask            255.255.255.224
>

Your LAN and WAN IP's are on the same subnet.  Routers and firewalls
don't work in that type of scenario.  A single IP subnet must be on
only one interface.

Bridging should work well for this type of setup, if you don't have
any NAT hosts involved at all.  there are other alternatives with 1:1
NAT or other types of NAT if you don't care whether the public IP is
on the actual system.

-Chris