WAN Bounce only works for the WAN address of the m0n0wall router. If
you have multiple IPs mapped to the same interface, those will not be
bounceable. To be able to bounce, you have to enable the port on the WAN
side via Firewall rules from *any* source (port 80 for example if you
want website access). To get more complex than that, you would need to
use DNS forwarder to start using a lot of websites from within for ease
of use. I use the very thing you are talking about so I can work on
website related stuff from within the network and people outside on the
WAN will have the same access. Much easier than having to type in the
local address or machine name all the time.
Alex M wrote:
> Ok so it aberrantly works but it does eats all the packages so when ports
> scan is done the scanner doesn't know if packet was delivered or not (not
> good for testing, but also not good for hackers) PS: It = firewall
> Another thing that is driving me crazy is that I can't loop through the wan
> address within the local net.
> Router Wan Address 126.96.36.199
> PC connected to that router: 192.168.1.50 (Comp A)
> HTTP Server on w/ that router: 192.168.1.51 (Server)
> Now when I connect to 192.168.1.51:80 locally all is good, but when I use
> Comp A and type WAN address http://188.8.131.52:80 im getting nowhere. I
> think whats what the warning on the nat page setup said that it is
> impossible to do!, but my D-Link router was able to do it and I damn need
> that functionality! Does any one knows how to make it possible to work?
> -----Original Message-----
> From: Sven Brill [mailto:madde at gmx dot net]
> Sent: Friday, September 29, 2006 9:48 PM
> To: Alex M
> Subject: Re: [m0n0wall] why cant i foward PORTS to my radius server?
> Alex M wrote:
>> Here is the setup:
>> I set DMZ rule to pass anything from WAN to my local IP
>> I created Inbound NAT Rule to forward 1812 and 1813 to my IP but when I do
>> port scan it seams that all ports a stelthed. I even tried to rebut. but
>> nothing happens :-(
> couple of questions to isolate the problem:
> what port scanner are you using?
> are you scanning the the WAN interface from the outside?
> which radius server is it?
> are you sure it only listens on these ports, not maybe 2083 ("Secure
> Radius") or any arbitrary port? 1812 and 1813 are the standard ports,
> but can be configured differently.
> can you see anything blocked in the logs (turn on "Log packets blocked
> by the default rule" under Logs/Settings)?
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch