RE: [m0n0wall] Remote login to Wireless AP behind m0n0wall on the LAN

From:	"James W. McKeand" <james at mckeand dot biz>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] Remote login to Wireless AP behind m0n0wall on the LAN
Date:	Thu, 1 Dec 2005 14:20:42 -0600

Chris Flugstad wrote:
> I have a Wireless AP on the lan, instead of using the monowall as the
> AP(ex. 192.168.1.2).  I have 3 AP's actually.  What I am trying to do
> is remotely log into them using port forwarding.  I did this easily
> on my old linksys, but for some reason i think im missing a rule, or
> something in the firewall setttings.  What i'd like to do is
> basicallly put in the WAN IP  with the port that is forwarded(ex.
> 216.127.71.160:3333) and have it open up the wireless AP on
> 192.168.1.2.  Can anyone help me?       

Assuming you use different ports on each AP. 

I would use Inbound NAT:
Interface:  WAN
External address:  Interface address
Protocol:  TCP/UDP
External port range  from: (other) <port>  
                       to: (other) <port>  
NAT IP: <Enter the internal IP address>
Local port:  (other) <port>  
Description: Give it a good description
Check the "Auto-add a firewall rule to permit traffic through this NAT
rule" checkbox.

You would be able to connect to the WAN IP:<port> from off site and
connect to the AP with the corresponding port. You will create 3 such
rules (1 for each AP). Make sure you have security of some kind on the
AP - its admin interface will be open to the world...

_________________________________
James W. McKeand