[ previous ] [ next ] [ threads ]
 
 From:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 To:  Edward Ronquillo <eronquillo at gmail dot com>
 Cc:  Chris Buechler <cbuechler at gmail dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] NAT and internal subnets behind m0n0wall
 Date:  Wed, 18 Oct 2006 19:57:28 -0400
Edward Ronquillo wrote:
> Chris, I've already had the static for the subnet in place, and it is
> pingable from the m0n0wall's wan and lan interface.  However, no one
> still cannot access the webserver from the internet.  My current setup
> looks like this:
>
>                                 192.168.2.0           192.168.4.0
> internet <--> (m0n0wall) <-------> (VyattaR1) <-------> (VyattaR2)
>                                                      |
>                                                      |
>                                              192.168.3.0
>                                                      |
>                                                      |
>                                             (www server)
>
> Although it seems simple enough, the statics still don't work.
>
> On 10/17/06, Chris Buechler <cbuechler at gmail dot com> wrote:
>> On 10/17/06, Edward Ronquillo <eronquillo at gmail dot com> wrote:
>> > Hi!  I'm having problems with accessing a web server behind my
>> > m0n0wall setup.  Currently, I'm running two vyatta ofr routers behind
>> > m0n0wall.  My webserver is on one of my vyatta router's interfaces
>> > (subnets).  I've tried to specify the web server's IP  in NAT's
>> > Inbound rules, but we can't access our webserver from the internet.
>> > But when we move the webserver to m0n0walls directly connected subnet,
>> > it works!  How can we configure NAT so that we can access our
>> > webserver on another internal subnet?
>>
>> Enter a static route for that subnet.
>>
>> -Chris
>>
I have almost an identical setup as you (minus the 2nd vyatta and using 
a Linksys router).  The web server is accessible if I put a static route 
in m0n0wall, and make sure NAT is turned off on the Linksys, as well as 
put the IP of the webserver in m0n0 on a 1 to 1 NAT mapping and add the 
appropriate firewall rules.  Maybe NAT is turned on in the Vyatta router?

Chris