[ previous ] [ next ] [ threads ]
 
 From:  =?iso-8859-1?Q?P=E5l_Borsheim?= <paal at tgmsound dot com>
 To:  "'Lee Sharp'" <leesharp at hal dash pc dot org>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  SV: [Private] Re: Can't NAT on m0n0wall.
 Date:  Fri, 23 Jun 2006 20:20:50 +0200
Hi. :) Thanks but this problem has been solved.

Solution to the problem where that I forgot in my one forgetful mind to set
det server gateway to the correct ip of the firwall / ruter / gateway
m0n0wall. There U see even we IT prof can forget.. :)

Thanks all
Paal B. 

-----Opprinnelig melding-----
Fra: Lee Sharp [mailto:leesharp at hal dash pc dot org] 
Sendt: 21. juni 2006 19:36
Til: paal at tgmsound dot com
Emne: Re: [Private] Re: Can't NAT on m0n0wall.

If you are comfortable with it, send me your config file, and I will look
over it.  What you are doing should work.

                            Lee
----- Original Message -----

To: "'James W. McKeand'" <james at mckeand dot biz>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, June 21, 2006 9:39 AM
Subject: SV: [m0n0wall] Re: Can't NAT on m0n0wall.


Hi all. Thanks for a lot of good info / help.

But:

1. When I add a rule in Inbound NAT I X for auto add firewall rule
2. I test the connection with grc.com and from a remote site

And it stil does not work. I know it should only be to add the rule to
Inbound NAT and add to the firewall rule. And then it shuld work. But
no..... It does not. It works fine with other simelar systems based on linux
or unix. So could it be the hardware ???? Strange I have full access out to
the internet if that is the fault. :)

Paal B.

-----Opprinnelig melding-----
Fra: James W. McKeand [mailto:james at mckeand dot biz]
Sendt: 21. juni 2006 14:57
Til: m0n0wall at lists dot m0n0 dot ch
Emne: RE: [m0n0wall] Re: Can't NAT on m0n0wall.

Molle Bestefich wrote:

>> If I understand U here right U mean that the firewall filter is not
>> suppose to work that way.
>
> Not exactly.  I think the filter works as it's supposed to.
>
> I think there's a flaw somewhere.  Currently, IMXP, the user has to
> enter 2 rules in the rulebase every time (s)he wishes to tell the
> firewall about something that's actually conceptually only a single
> rule.  But only if the rule pertains to a NATed host or network.
>
> Could be because:
>  a) m0n0wall should autogenerate one of the rules, but it's broken in
> my setup b) m0n0wall is broken wrt. when and how traffic is passed
> between NAT and the filter
>  c) that's a specific feature of m0n0wall
>
> I don't know which, since I'm not a m0n0wall expert.
> Maybe it's a) and my personal setup is broken, but my current personal
> impression is that it's b), of course :-).
>
>> If I am to enter the rules twice one for translated address and one
>> for untranslated address then this is not right.
>
> Try if it works anyway.

I have been using m0n0wall for a while. I have never had to enter two rules
in the way you describe. I believe reason a) is to blame. I have always just
entered a rule on the Inbound NAT page and checked the "auto add firewall
rule" box.

When you say you have to enter two rules, are you referring to having to add
the NAT rule and the firewall rule? If so, without checking the "auto add
firewall rule" when you create the Inbound NAT rule, you are correct you
will need to add a firewall rule separately.

_________________________________
James W. McKeand



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch