Re: [m0n0wall] Something is wrong with Monowall 1.2 and Rules

From:	"Peter B." <monowall at linuxnet dot ch>
To:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Something is wrong with Monowall 1.2 and Rules
Date:	Sat, 10 Dec 2005 10:18:42 +0100

Chris Buechler wrote:

Hi Chris

>then only 172.16.1.0/24 IP's can be on your LAN, unless you have a
>router on your LAN (and static routes configured appropriately for
>that router).
>
I forgot to tell, YES I have a static route for this network.
There's a cisco router on LAN 172.16.1.254/24 where the 62.12.146.136/29 
network is behind.

>  The traffic from those public IP's is dropped because
>those IP's are not within your LAN subnet, and not defined by any
>static routes, therefore can't be a valid network off that interface. 
>  
>
So I need to tell monowall on a different way that 62.12.146.136/29 is 
also a network at the LAN port? how?

>If you have a public/separate IP subnet, you have to put it off of a
>different interface (physical or virtual).
>  
>
I can't because it's behind another router.

>As for the VLAN setup, that would work fine, if you have the trunk
>port and VLAN tags configured appropriately.
>
>  
>
Yes I did this and everything was working except that monowall was 
dropping also everything coming from the vlans.

>-Chris
>  
>
Thanks


Peter