[ previous ] [ next ] [ threads ]
 
 From:  "Konstantin Rudoy" <Subscribe at k dot rudoy dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Example how to access my server from inside
 Date:  Thu, 22 Jan 2004 10:54:14 -0500
Hi!

Bellow is a part of a FAQ. How can I add override(s)... blah-blah-blah ...
to
have access to my server from inside? I would like to have some examples,
because I do not know what to do at all. The solution bellow for me is only
words :-(

------------

Why isn't it possible to access NATed services by the public IP address from
LAN?

Problem:
It is not possible to access NATed services using the public (WAN) IP
address from within LAN (or an optional network). Example: you've got a
server in your LAN behind m0n0wall and added a NAT/filter rule to allow
external access to its HTTP port. While you can access it just fine from the
Internet, you cannot access http://your-external-ip/ from within your LAN.

Reason:
This is due to a limitation in ipfilter/ipnat (which are used in m0n0wall).
Read the ipfilter FAQ for details. m0n0wall does not (and probably will not)
include a "bounce" utility.

Solution:
If you use m0n0wall's built-in DNS forwarder for your LAN clients, you can
add one or more overrides so that they will get the internal (LAN) IP
address of your server instead of the external one, while external clients
still get the real/public IP address.

------------

Thank you,
Konstantin