[ previous ] [ next ] [ threads ]
 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  "Monowall Support List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] why cant i foward PORTS to my radius server?
 Date:  Sun, 1 Oct 2006 00:40:42 -0500
From: "Alex M" <radiussupport at lrcommunications dot net>

> >If you are set on not using a DNS server for this, put the web server on 
> >a
>>different interface and create a DMZ - makes more sense, anyways

> Well the thing is I need it not for operations but rather for development!
> I do toooooooooo many network testing and development so I need to see 
> what
> would my environment behave like if I would access it from the wan. Like I
> need to know what ports are assingnet for external use etc. When I had 
> dlink
> router I was using wan addess internally to emitate the external access 
> with
> mono I cant ... so I either have tomake it work some how or... there is no
> other alternatve.

We keep giving you an answer, but for some reason you do not want to hear 
it.  To start, the D-Link makes several kinds of nasty assumptions that make 
it highly insecure.  They chose "easy" over "security."  I valid choice, but 
m0n0wall went the other way.  This means that to do what you want to do, you 
need a hack.  Nothing will change this short of a full redesign of m0n0wall. 
That said, your internal testing is still not a valid test.  You come from 
inside the network, so all the rules are different from someone outside the 
network.  The only way to properly test is to VPN somewhere on the internet 
and come back, or to SSH to somewhere out on the internet and tunnel firefox 
back to you.  This is valid for m0n0wall, d-link, or whatever you use.