[ previous ] [ next ] [ threads ]
 
 From:  brett at woollum dot com
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] 1:1 NAT works ok, but there's a catch?
 Date:  Sat, 19 Nov 2005 21:07:53 -0700
Ok, I have gone to Firewall:Rules:WAN and entered the following:

Protocol/Source IP/Source Port/Dest IP/Dest Port/Description
TCP/UDP  *  *  192.168.1.1  80            HTTP
TCP/UDP  *  *  192.168.1.3  20-21       FTP
TCP/UDP  *  *  192.168.1.3  80            HTTP
TCP/UDP  *  *  192.168.1.3  5800-6000 VNC Server
TCP/UDP  *  *  192.168.1.4  5800-6000 VNC Server

My WAN interface is addressed as x.193.
In Firewall:NAT:1:1 I have the following:

Interface/Ext IP/Int IP/Decription
WAN  XXX.XXX.XXX.198/32  192.168.1.4/32  Maincomputer
WAN  XXX.XXX.XXX.198/32  192.168.1.3/32  Server PC

In Services:Proxy ARP I have:
Interface/Network/Description
WAN  XXX.XXX.XXX.198  Description 1
WAN  XXX.XXX.XXX.205  Description 1
WAN  XXX.XXX.XXX.209  Description 1
WAN  XXX.XXX.XXX.251  Description 1

After everything is applied and tested, it still will not work properly.
I can log onto my AOL client (which allows it to come from outside the
network) or even try from work and I get nothing on any of the port
80's.. Not the monowall, not the server, no VNC.... If anyone can tell
me what other feature I need to add to make it work that would be
great!

To recap my network:
I have 5 static IPs that need to be 'forwarded' to the appropriate
machines. These machines should be using their associated Public IP
when browsing the net (the 1:1 right now is working awesome to do
this).

Thanks!
Brett Woollum


> -------- Original Message --------
> Subject: RE: [m0n0wall] 1:1 NAT works ok, but there's a catch?
> From: "James W. McKeand" <james at mckeand dot biz>
> Date: Sat, November 19, 2005 4:20 am
> To: <m0n0wall at lists dot m0n0 dot ch>
> 
> Interface would be WAN
> Source IP would be any.
> Source port would be any.
> Destination IP would be Internal IP of server in question.
> Destination port would be <insert service port here> i.e. 80.
> 
> _________________________________
> James W. McKeand
> 
>  
> 
> -----Original Message-----
> From: brett at woollum dot com [mailto:brett at woollum dot com] 
> Sent: Friday, 18 November 2005 6:15 PM
> To: James W. McKeand
> Subject: RE: [m0n0wall] 1:1 NAT works ok, but there's a catch?
> 
> Ok, So I will enter a firewall rule for port 80, with a source port of
> any, and the destination private IP of 192.168.1.3. What should the
> source IP be? Or should it? Thanks!
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch