 From:  "Grant Robinson" <jgrantr at gmail dot com>
 To:  "m0n0wall list" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Public LAN IP's with WAN IP on a different subnet
 Date:  Mon, 8 May 2006 12:38:18 -0600
So, after searching the mailing list archives, reading the FAQs and
doing a bunch of experimenting, I still cannot get my particular setup
to work, and the things I have read don't really apply.

Here is the setup: (ip addresses are not the real ones, but are for example)

WAN IP address: 120.20.233.181/23 (statically assigned)
WAN Gateway: 120.20.232.1

LAN: 120.20.130.160/27 (32 ip addresses, 30 usable, all public)
LAN IP address: 120.20.130.161 (m0n0wall LAN port)

So, basically this is a /27 subnet that is being routed to the WAN IP
address.  I can ping the WAN IP address just fine from anywhere, but I
cannot ping the LAN IP address (the m0n0wall IP address) from the
outside world.  I can ping the boxes on the LAN subnet from the
m0n0wall box, and the boxes on the LAN subnet can ping the LAN IP
address of the m0n0wall box, but nothing outside of the subnet.

I am sure there is some sort of routing problem, but I have been
unable to figure out what it is.  This is what I have done:

* enabled "Advanced Outbound NAT"
* added firewall rules to allow inbound and outbound packets for the LAN subnet

What I have not tried is the bridging, but it sounds like one side of
the bridge needs to not have an IP address, which is not really what I
am looking for here.

I can also post my config if it's needed.

My questions would be:

1) Can m0n0wall be configured to handle this type of network?
2) If yes, what am I missing?

Any help would be much appreciated.

--
Grant Robinson
jgrantr at gmail dot com