Subject: Using m0n0 under VMWare as a "real" firewall?
Date: Thu, 21 Sep 2006 11:39:52 -0400

Hello! My old P133 that ran smoothwall blew up on me, so being a bit
adventurous, I decided it might be fun to run m0n0 under VMWare as the
primary firewall for my home.

Has anybody ever tried (and succeeded) at doing this?

A picture being worth 1000 words, here's how the network is set up:

But something's not right with my configuration. Here's what I know:

- Under VMWare's Network editor, VMNet2 is bridged to my PC's first NIC,
NIC1. (In Windows, that NIC has no protocols installed on it, except for the
VMWare bridge.) This NIC is directly connected to my ADSL modem.
- Under VMWare's Network editor, VMNet0 is bridged to my PC's second NIC,
NIC0. (In Windows, that NIC is configured with all protocols.) This NIC is
connected to a switch which links all the PCs in the house.

- My m0n0 virtual machine has Ethernet 1 - LAN assigned to VMnet0
- My m0n0 virtual machine has Ethernet 2 - WAN assigned to VMnet2

m0n0 is configured correctly as far as I can see:
- It can connect and obtain an IP address from the ADSL modem
- On the PC that's hosting the virtual m0n0, I can obtain a DHCP address from
m0n0 on the GREEN (NIC0) interface, and I can surf the web, everything works
- I did not set up any specific rules or NATting on m0n0. Outbound access
should work for all my LAN.

But here's the problem: on the other workstation in the home (workstation
1):
- I can obtain a DHCP address from m0n0
- I can access m0n0's webGUI
- I can ping m0n0
- I can ping m0n0's WAN IP
- I can ping m0n0's WAN gateway
- DNS resolution works fine
- I can even ping external websites using their IP and DNS,
- ...but, for reasons unknown, I cannot access anything on the internet.
Internet surfing, MSN, etc... nothing works. My browser seems to connect,
but waits for a while and says that the connection was reset.

The behavior is identical in Linux or Windows. I tried replacing the hub
with a switch, same problem.

Now, I don't consider myself a top-notch network expert, but I'm no slouch
either, and I can't figure out what's wrong here. I've got more info if
you're interested in trying to solve this mystery... (Ethereal packet
sniffing on the WAN and the LAN, logs of dropped packets on m0n0 for no
apparent reason, content of /status.php, etc.).

I'm stumped.

Any ideas?