Lee Sharp wrote:
> From: "Steve Johnson" <sjohnson at warpdriveonline dot com>
>> Steve Johnson wrote:
>>> Lee Sharp wrote:
>>>> Is your m0n0wall web interface http or https? If http, it could be
>>>> the antilockout rule. Try changing m0n0wall to https and see if it
>>> Good idea, but no, that wasn't it. I switched webGUI protocol to
>>> https and rebooted the firewall. I still get a connection timeout
>>> from the accessing browser, and no record of the access attempt in
>>> the log.
>> I checked with the ISP and found out that they block port 25, but
>> nothing else. So now I'm really stumped as to why I'm not seeing http
>> access attempts in the firewall log.
> To get in you need both an inbound NAT rule, and a firewall rule. An
> easy check is to flip back to http for m0n0wall and turn off the
> inbound NAT. If you get the m0n0wall page, you have the firewall rule
> OK. If not, you need to open up the firewall more. If you do get it,
> look at your inbound NAT rule.

[ Problem summary: I can't access http server in the DMZ from WAN
interface. From the LAN interface, it's fine. ]

I set the webGUI back to http and deleted the NAT rule. When I browse
the WAN IP address from outside, I get the same result -- a connection
timeout at the browser and no indication of an access attempt in the
log. I then rewrote the one WAN rule to pass all traffic inbound to any
http port on any interface. Still nothing and still no log entries.
Out of curiosity, I tried hitting the IP address on a variety of ports
and protocols: ping, ssh, telnet, ftp and telnet to port 80. All were
blocked, but at least the ping, ssh and telnet showed up in the log as
blocked packets. http and ftp simply vanished:

Block 19:59:36.901484 WAN 216.17.nnn.nnn, port 48549 24.56.nnn.nn, port 22 TCP
Block 19:59:11.361441 WAN 216.17.nnn.nnn, port 8089 24.56.nnn.nn, port 23 TCP
Block 19:50:36.096978 WAN 216.17.nnn.nnn 24.56.nnn.nn, type echo/0 ICMP

More and more I'm thinking this is an ISP issue. They confirmed today
that they routinely block SMTP port 25. I think they're blocking other
ports as well. I will check and really make them work to confirm it.
Does anyone else have another suggestion as to what might be happening?
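
Added example, not part of the original message: a small script that compares a list of outside probes against firewall log entries in the layout shown above, reporting which probes left a log entry on the WAN interface and which did not. The addresses in the sample are constructed placeholders, and the names ENTRY, seen_at_firewall, classify and PROBES are hypothetical.

```python
import re

# One entry per line, in the layout of the excerpt above:
# action, time, interface, source[, port N], destination, port N | type X, protocol
ENTRY = re.compile(
    r"^(?P<action>\w+)\s+(?P<time>[\d:.]+)\s+(?P<iface>\w+)\s+"
    r"(?P<src>[\w.]+)(?:,\s*port\s+(?P<sport>\d+))?\s+"
    r"(?P<dst>[\w.]+),\s*(?:port\s+(?P<dport>\d+)|type\s+(?P<icmp>\S+))\s+"
    r"(?P<proto>\w+)$"
)

def seen_at_firewall(log_lines, iface="WAN"):
    """Return the set of (protocol, destination port or None) logged on iface."""
    seen = set()
    for line in log_lines:
        m = ENTRY.match(line.strip())
        if m and m["iface"] == iface:
            port = int(m["dport"]) if m["dport"] else None  # ICMP has no port
            seen.add((m["proto"].upper(), port))
    return seen

def classify(probes, log_lines):
    """Map each probe name to 'reached firewall' or 'not logged'."""
    seen = seen_at_firewall(log_lines)
    return {name: ("reached firewall" if key in seen else "not logged")
            for name, key in probes.items()}

# Constructed sample log (documentation addresses, not the poster's).
SAMPLE_LOG = [
    "Block 19:59:36.901484 WAN 203.0.113.7, port 48549 198.51.100.20, port 22 TCP",
    "Block 19:59:11.361441 WAN 203.0.113.7, port 8089 198.51.100.20, port 23 TCP",
    "Block 19:50:36.096978 WAN 203.0.113.7 198.51.100.20, type echo/0 ICMP",
]
# Probes sent from outside, keyed by name: (protocol, destination port).
PROBES = {"ping": ("ICMP", None), "ssh": ("TCP", 22), "telnet": ("TCP", 23),
          "ftp": ("TCP", 21), "http": ("TCP", 80)}

if __name__ == "__main__":
    # 'not logged' only means the log has no entry: the packet may have been
    # dropped before the WAN interface, or handled by a rule that does not log.
    for name, verdict in classify(PROBES, SAMPLE_LOG).items():
        print(f"{name:7} {verdict}")
```

A packet capture on the WAN side during the same probes is the direct way to tell those two "not logged" cases apart.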