Make sure you are creating both a NAT rule, and a firewall rule. It'll do it automatically if you
check the box and the bottom of the NAT rule that says something like "auto add firewall rule"
The next thing I'd check was that you have the correct default gateway set on the AP.
From: Chris Flugstad [mailto:chris at cascadelink dot com]
Sent: Friday, April 14, 2006 2:59 PM
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] ITS IMPOSSIBLE Re: [m0n0wall] NAT bug - reaching LAN AP from internet
I have spent the whole day trying to port forward and reach an AP on the
inside of the LAN remotely. We do this with these AP's through anoter linux
box, but not with m0n0. I also tried every AP we have. Linksys, Senao,
Zinwell, another Senao, and a dlink. NO GO ON any of them. Did i miss
I thought you were just suppose to set up a rule in the NAT and bam.
I had my buddy look into it, and now he is as frustrated as I
Please help, as I am losing much hair
----- Original Message -----
From: "Chris Flugstad" <chris at cascadelink dot com>
To: "Chris Buechler" <cbuechler at gmail dot com>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Thursday, April 13, 2006 6:03 PM
Subject: Re: [m0n0wall] NAT bug - reaching LAN AP from internet
>I have been reading these post to resolve teh same issue. I have a linux
> that i have port forwarding setup using "jgate". so i put in my wan ip
> XXX.XXX.XXX.XXX:3333 and it forwards that port to the LAN IP of the AP.
> these 3 AP's I have they dont have a default Gateway setup on them, and I
> can access them remotely. For some reason with the m0n0wall's, i cannot
> access any AP's. I set up all sorts of rules and have no luck. If
> wants to help and log into a m0n0wall that I have up and running, I'd be
> glad to work with them. Once I figure one out, all the rest should be
> ----- Original Message -----
> From: "Chris Buechler" <cbuechler at gmail dot com>
> Cc: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Monday, August 15, 2005 5:45 PM
> Subject: Re: [m0n0wall] NAT bug - reaching LAN AP from internet
>> On 8/15/05, Chris Buechler <cbuechler at gmail dot com> wrote:
>>> On 8/15/05, Peter Parnièan <peter at procad dot sk> wrote:
>>> > Hi, jsut arrive to home and first think was to check gateways of AP.
>>> > Ovislink has 100.1 gateway (so same ip as mono is)
>>> > My second AP is Senao and there is no possibility to set gateway. (all
>>> > what
>>> > can i do is set ip address of, AP, than turn on ACL..)
>>> > My third AP ovis, has also gateway 100.1
>>> Alright, the ones that don't support a gateway can't be accessed
>>> outside their own subnet, so inbound NAT to them won't work.
>> for the sake of the archives... (I've been working with the original
>> poster off-list)
>> Nothing wrong with his NAT configuration or firewall rules. Even the
>> AP's with gateway entries appear to be ignoring them. m0n0wall is
>> passing the traffic, it just never gets answered by the AP. Any other
>> host works just fine.
>> From my own experience, and what I've seen from lurking on other
>> lists, access points many times don't allow entry of subnet masks
>> and/or default gateways. This means you'll never be able to access
>> the administration interface from any network other than one local to
>> the AP. Of the ones that do allow gateways, they seem to be
>> inconsistent at best in their functioning, from what I gather from
>> many past list posts to other lists.
>> If anybody runs into a similar situation, I'd first recommend making
>> sure the firmware on the AP is the most recent version, and checking
>> with the AP vendor if it still can't communicate with things off of
>> its own subnet.
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch