[ previous ] [ next ] [ threads ]
 
 From: 
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RV: [m0n0wall] Problem connecting Workstation on LAN whit server on OPT1
 Date:  Tue, 7 Feb 2006 10:18:15 -0500
Hi, i using monowall but have a problem whit the comunication from a
workstation in my LAN whit a sever in the interface OPT

                WAN
                 |
                 |
        -----------------------------------------
        |                                       |
        OPT 10.10.10.10/30                     LAN 192.168.1.233/24
        |                                       |
        ROUTER (10.10.10.9)                     MY ESTATION
(192.168.1.233)
        |
        |
        SERVER (192.168.250.40)






The reasult is not work ;( 

C:\>pathping 10.10.10.9



  0  estacion71.avansoft.com [192.168.1.138]
  1  192.168.1.233
  2     *        *        *

^C
C:\ >pathping 192.168.250.40



  0  estacion71.avansoft.com [192.168.1.138]
  1  192.168.1.233
  2     *        *        *


really not that to do, or that happens to him to monowall




Commands using the console interface
(http://192.168.1.233:10000/exec.php):


CHECK THIS (I DONT NOW THE REASON FOR NO RESPONSE FROM 10.10.10.9)

$ ping -c 2 -S 192.168.1.233 10.10.10.9
PING 10.10.10.9 (10.10.10.9) from 192.168.1.233: 56 data bytes

--- 10.10.10.9 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss


$ ping -c 2 -S 10.10.10.10 10.10.10.9
PING 10.10.10.9 (10.10.10.9) from 10.10.10.10: 56 data bytes
64 bytes from 10.10.10.9: icmp_seq=0 ttl=255 time=2.262 ms
64 bytes from 10.10.10.9: icmp_seq=1 ttl=255 time=2.147 ms

--- 10.10.10.9 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.147/2.204/2.262/0.058 ms


$ ping -c 2 -S 10.10.10.10 192.168.1.138
PING 192.168.1.138 (192.168.1.138) from 10.10.10.10: 56 data bytes
64 bytes from 192.168.1.138: icmp_seq=0 ttl=128 time=0.819 ms
64 bytes from 192.168.1.138: icmp_seq=1 ttl=128 time=0.705 ms

--- 192.168.1.138 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.705/0.762/0.819/0.057 ms



$ ping -c 2 10.10.10.9
PING 10.10.10.9 (10.10.10.9): 56 data bytes
64 bytes from 10.10.10.9: icmp_seq=0 ttl=255 time=2.217 ms
64 bytes from 10.10.10.9: icmp_seq=1 ttl=255 time=2.131 ms

$ traceroute 192.168.250.40
traceroute to 192.168.250.40 (192.168.250.40), 64 hops max, 44 byte
packets
 1  10.10.10.9 (10.10.10.9)  2.292 ms  2.233 ms  2.204 ms
 2  * 192.168.128.2 (192.168.128.2)  25.990 ms  22.845 ms

$ traceroute 10.10.10.9
traceroute to 10.10.10.9 (10.10.10.9), 64 hops max, 44 byte packets
 1  10.10.10.9 (10.10.10.9)  81.327 ms *  2.465 ms

ping -c 2 192.168.1.138
PING 192.168.1.138 (192.168.1.138): 56 data bytes
64 bytes from 192.168.1.138: icmp_seq=0 ttl=128 time=0.783 ms
64 bytes from 192.168.1.138: icmp_seq=1 ttl=128 time=0.730 ms

$ arp -a
? (10.10.10.9) at 00:10:7b:2c:d0:3a on sis3 [ethernet]
? (192.168.1.20) at 00:12:3f:6e:30:3a on sis0 [ethernet]
aagomez.avansoft.com (192.168.1.138) at 00:12:3f:0b:12:34 on sis0
[ethernet]
router.avansoft.com (200.124.170.9) at 00:13:1a:63:36:e2 on sis1
[ethernet]






$ ping -c 2 -S 10.10.10.10 10.10.10.9
PING 10.10.10.9 (10.10.10.9) from 10.10.10.10: 56 data bytes
64 bytes from 10.10.10.9: icmp_seq=0 ttl=255 time=2.262 ms
64 bytes from 10.10.10.9: icmp_seq=1 ttl=255 time=2.147 ms

--- 10.10.10.9 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.147/2.204/2.262/0.058 ms


$ ping -c 2 -S 10.10.10.10 192.168.1.138
PING 192.168.1.138 (192.168.1.138) from 10.10.10.10: 56 data bytes
64 bytes from 192.168.1.138: icmp_seq=0 ttl=128 time=0.819 ms
64 bytes from 192.168.1.138: icmp_seq=1 ttl=128 time=0.705 ms

--- 192.168.1.138 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.705/0.762/0.819/0.057 ms


-----------------------------------


  
Routing tables
 
Internet:
Destination        Gateway            Flags    Refs      Use  Netif
Expire
default            200.124.170.9      UGSc        1      270   sis1
10.10.10.8/30      link#4             UC          1        0   sis3
10.10.10.9         00:10:7b:2c:d0:3a  UHLW        1       21   sis3
39
10.202.92/30       link#3             UC          0        0   sis2
127.0.0.1          127.0.0.1          UH          0        0    lo0
192.168.1          link#1             UC          2        0   sis0
192.168.1.20       00:12:3f:6e:30:3a  UHLW        0        8   sis0
905
192.168.1.138      00:12:3f:0b:12:34  UHLW        2     1501   sis0
1140
192.168.12         link#5             UC          0        0   sis4
192.168.250.40/32  10.10.10.9         UGSc        0       48   sis3
200.124.170.8/29   link#2             UC          1        0   sis1
200.124.170.9      00:13:1a:63:36:e2  UHLW        2        0   sis1
1145
  



this is my configuration ... config.xml
 
<?xml version="1.0"?>
<m0n0wall>
    <version>1.6</version>
    <lastchange>1139320820</lastchange>
    <system>
        <hostname>firewall</hostname>
        <domain>xxxxx.com</domain>
        <dnsallowoverride/>
        <username>admin</username>
        <password>xxxxx</password>
        <timezone>America/Bogota</timezone>
        <time-update-interval>300</time-update-interval>
        <timeservers>pool.ntp.org</timeservers>
        <webgui>
            <protocol>http</protocol>
            <port>10000</port>
        </webgui>
        <dnsserver>192.168.1.20</dnsserver>
    </system>
    <interfaces>
        <lan>
            <if>sis0</if>
            <ipaddr>192.168.1.233</ipaddr>
            <subnet>24</subnet>
            <media/>
            <mediaopt/>
        </lan>
        <wan>
            <if>sis1</if>
            <mtu/>
            <blockpriv/>
            <media/>
            <mediaopt/>
            <ipaddr>200.124.170.12</ipaddr>
            <subnet>29</subnet>
            <gateway>200.124.170.9</gateway>
            <spoofmac/>
        </wan>
        <opt1>
            <descr>Suratep</descr>
            <if>sis2</if>
            <ipaddr>10.202.92.2</ipaddr>
            <subnet>30</subnet>
            <bridge/>
            <enable/>
        </opt1>
        <opt2>
            <descr>Suramericana</descr>
            <if>sis3</if>
            <ipaddr>10.10.10.10</ipaddr>
            <subnet>30</subnet>
            <bridge/>
            <enable/>
        </opt2>
        <opt3>
            <descr>Pruebas</descr>
            <if>sis4</if>
            <ipaddr>192.168.12.11</ipaddr>
            <subnet>24</subnet>
            <bridge/>
            <enable/>
        </opt3>
    </interfaces>
    <staticroutes>
        <route>
            <interface>lan</interface>
            <network>192.168.250.40/32</network>
            <gateway>10.10.10.9</gateway>
            <descr>Enrutamiento a suramericana</descr>
        </route>
    </staticroutes>
    <pppoe/>
    <pptp/>
    <bigpond/>
    <dyndns>
        <type>dyndns</type>
        <username/>
        <password/>
        <host/>
        <mx/>
        <server/>
        <port/>
    </dyndns>
    <dnsupdate/>
    <dhcpd>
        <lan>
            <range>
                <from>192.168.1.100</from>
                <to>192.168.1.199</to>
            </range>
        </lan>
    </dhcpd>
    <pptpd>
        <mode/>
        <redir/>
        <localip/>
        <remoteip/>
    </pptpd>
    <dnsmasq>
        <enable/>
    </dnsmasq>
    <snmpd>
        <syslocation/>
        <syscontact/>
        <rocommunity>public</rocommunity>
    </snmpd>
    <diag>
        <ipv6nat>
            <ipaddr/>
        </ipv6nat>
    </diag>
    <bridge/>
    <syslog/>
    <nat/>
    <filter>
        <rule>
            <type>pass</type>
            <interface>opt2</interface>
            <source>
                <any/>
            </source>
            <destination>
                <network>lan</network>
            </destination>
            <log/>
            <frags/>
            <descr/>
        </rule>
        <rule>
            <type>pass</type>
            <interface>lan</interface>
            <source>
                <network>lan</network>
            </source>
            <destination>
                <any/>
            </destination>
            <log/>
            <frags/>
            <descr>Default LAN -&gt; any</descr>
        </rule>
    </filter>
    <shaper/>
    <ipsec/>
    <aliases/>
    <proxyarp/>
    <wol/>
</m0n0wall>


---------------------------------------------------------------------------
Este mensaje y/o sus anexos son para uso exclusivo de su destinatario