 From:  "Francois Boulanger" <francois dot boulanger at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Using m0n0 under VMWare as a "real" firewall?
 Date:  Thu, 21 Sep 2006 21:51:56 -0400
Bingo! Turns out my problem was that Windows did not properly recognize the
NIC on my Green interface.

A small visit to my board manufacturer's website, an install of the proper
drivers, and I was on my way to happiness.
Now I just need to figure out how to make the traffic shaper work correctly
for me, but that'll be in another thread!

Thanks again for the tip Jonathan.

Francois

On 9/21/06, Francois Boulanger <francois dot boulanger at gmail dot com> wrote:
>
> MSN Messenger did not work, e-mail I did not try (Gmail. nothing more to
> say!)
>
> I tried using good ol' telnet, that didn't work either. Actually, as far
> as telnet goes, the connection is accepted, but afterwards nothing happens.
>
> I also tried sniffing the traffic on both adapters using Ethereal; the
> initial connection seems to work (syn-synack-ack) but the connection from
> m0n0 to the requested website gets reset afterwards. I still need to look
> more into that; my TCP/IP skills are, well, far from optimal!
>
> Also, I noticed that a lot of requests coming from the LAN (including
> requests from the VMWare host itself) were rejected by m0n0. That seemed
> odd, considering I did not set up any rules to block outgoing LAN traffic....
> I'll look into that and post my findings and logs here.
>
> Both of my NICs are built-in on my board; I'm using a MSI Platinum Neo2
> Board, that has a built-in Nforce NIC and a built-in Gigabit NIC (forgot the
> brand of the chipset).
>
> I'll try swapping the NICs, who knows, that might do the trick.....
>
> Thanks!
>
> On 9/21/06, Jonathan Owens <niralisse at gmail dot com> wrote:
> >
> > I ran a similar setup for a bit while I waited for my Netvista to
> > arrive. It sounds like you've done things well so far, as I don't see
> > any obvious problems with your setup. One thing I encountered when doing
> > this was an onboard NIC that simply didn't work for LAN access. The
> > behavior was somewhat similar: the local machine could get to the LAN
> > port via the bridged NIC, but no other machines would even get IP
> > addresses. You might ensure that both NICs are of high quality before
> > troubleshooting software further.
> >
> > Barring that, I have to say that the web-only failure of your other
> > clients is rather strange, do other services (such as email) work?
> > Typically if you can ping by hostname, you're home free, so try some
> > other services and see what you get.
> >
> > Be patient, the VMWare m0n0wall is probably the most difficult platform
> > to get running.
> >
> > Francois Boulanger wrote:
> > > Hello! My old P133 that ran smoothwall blew up on me, so being a bit
> > > adventurous, I decided it might be fun to run m0n0 under VMWare as the
> > > primary firewall for my home.
> > >
> > > Has anybody ever tried (and succeeded) at doing this?
> > >
> > > A picture being worth a 1000 words, here's how the network is set up:
> > > http://www.ioverflow.net/pics/m0n0_network.jpg
> > >
> > > But something's not right with my configuration. Here's what I know:
> > >
> > > -under VMWare's Network editor, VMNet2 is bridged to my PC's first NIC,
> > > NIC1. (In Windows, that NIC has no protocols installed on it, except for
> > > the VMWare bridge). This NIC is directly connected to my ADSL modem.
> > > -under VMWare's Network editor, VMNet0 is bridged to my PC's second NIC,
> > > NIC0. (In Windows, that NIC is configured with all protocols). This NIC
> > > is connected to a switch which links all the PCs in the house.
> > >
> > > -my m0n0 virtual machine has Ethernet 1 - LAN assigned to VMnet0
> > > -my m0n0 virtual machine has Ethernet 2 - WAN assigned to VMnet2
> > >
> > > m0n0 is configured correctly as far as I can see:
> > > - it can connect and obtain an IP address from the ADSL modem
> > > - On the PC that's hosting the Virtual m0n0, I can obtain a DHCP address
> > > from m0n0 on GREEN (nic0) interface, and I can surf the web, everything
> > > works perfectly.
> > > - I did not set up any specific rules or NATting on m0n0. Outbound access
> > > should work for all my LAN.
> > >
> > > but here's the problem: On the other workstation in the home
> > > (workstation 1):
> > > - I can obtain a DHCP address from m0n0
> > > - I can access m0n0's webGUI
> > > - I can ping m0n0
> > > - I can ping m0n0's WAN IP
> > > - I can ping m0n0's WAN gateway
> > > - DNS resolution works fine
> > > - I can even ping external websites using their IP and DNS,
> > > -.... but, for reasons unknown, I cannot access anything on the internet.
> > > Internet surfing, MSN, etc... nothing works. My browser seems to connect,
> > > but waits for a while and says that the connection was reset.
> > >
> > > The behavior is identical in Linux or Windows. I tried replacing the hub
> > > with a switch, same problem.
> > >
> > > Now, I don't consider myself a top notch network expert, but I'm no slouch
> > > either, and I can't figure out what's wrong here. I've got more info if
> > > you're interested in trying to solve this mystery... (Ethereal packet
> > > sniffing on the WAN and the LAN, logs of dropped packets on m0n0 for no
> > > apparent reason, content of /status.php, etc).
> > >
> > > I'm stumped.
> > >
> > > Any ideas?
> > >
> > > Thanks!
> > > Francois
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
>