 From:  Steve Ringwald <asric at asric dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Strange problem with vmware
 Date:  Sat, 07 Jan 2006 04:15:59 -0800
Gabrie van Zanten wrote:
> Hi
>  
> Preparing a server with vmware GSX. On it there will be a number of
> virtual machines and I'm using M0n0Wall to act as a firewall. At this
> moment however, the server is in my internal network. So the WAN
> interface has a private IP:  192.168.0.108 / 24. The LAN interface is
> 192.168.15.254 / 24. On the side of the LAN interface I have a few
> virtual machines (dc01 192.168.15.1 and ex01 192.168.15.2). From both
> dc01 and ex01 I can access the m0n0wall webGui. They can also surf the
> web, using NAT from M0n0wall and going through my LAN. Their default
> gateway is set to m0n0wall (192.168.15.254). On the WAN interface there
> is the 192.168.0.0/24 network. Default gateway is 192.168.0.254. My
> client pc is 192.168.0.102. 
>  
> client 192.168.0.102 ---> WAN 192.168.0.108(dhcp) / LAN 192.168.15.254
> <-------> EX01 192.168.15.2
>  
> Now I've created the following rules:
>  
> Firewall -> NAT -> inbound:   If = WAN, Proto = TCP, Ext.Port Range = 25
> (SMTP), NAT IP = 192.168.15.2, Int. Port range = 25 (SMTP), Description
> = SMTP incoming
> Firewall -> Rules -> LAN:   proto = *, Source = LAN Net, Port = *,
> Destination = *, Port = *, Description = Default LAN -> Any
> Firewall -> Rules -> WAN: proto = TCP, Source = *, Port = *, Destination
> = 192.168.15.2, Port = 25 (SMTP), Description = NAT SMTP incoming.
>  
> When I try to telnet from my client to 192.168.0.108 port 25, I receive
> no reply. 
>  
> The logfile looks like this:
> 22:06:47.934316 lnc0 @0:13 b 192.168.0.102,3540 -> 192.168.15.2,25 PR
> tcp len 20 48 -S IN 
> 22:06:41.911158 lnc0 @0:13 b 192.168.0.102,3540 -> 192.168.15.2,25 PR
> tcp len 20 48 -S IN 
> 22:06:38.940851 lnc0 @0:13 b 192.168.0.102,3540 -> 192.168.15.2,25 PR
> tcp len 20 48 -S IN 
>
> I tried the same with http. Same result. On the EX01 Webserver I see no
> log entry of incoming traffic. To verify that smtp and http work on
> 192.168.15.2, I accessed them from 192.168.15.1 and this works.
>  
> I can't figure out what is going wrong.....
>   

Do you have Block Private Addresses set by any chance? 192.168.X.X are 
privates....

Steve