[ previous ] [ next ] [ threads ]
 From:  "Roland Giesler" <roland at giesler dot za dot net>
 To:  "Monowall List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Accessing optional network from LAN
 Date:  Wed, 13 Dec 2006 11:14:48 +0200
When one has set up an optional interface (OPT) (either with an
Captive Portal or without) I run into a problem.  While there are many
articles on the web that describe how to set up a DMZ and specifically
how to prevent or allow the OPT client from accessing the LAN ip
address, none can be found that explain how to do the opposite.

I would like to / need to have access to the networks that connect via
OPT to the firewall from the LAN.  I have played with all sorts of
rules, but none seem to be able to allow me to ping (for example) even
the next hop on the OPT connection.

[M0N0WALL]---[OPT]----[various wifi AP's]

I have set up as the address of the OPT interface and the
connected wifi AP is

Do I have to set up a static route to be able to access or
is there some other method that allows this?

From the firewall I can ping and but not from the LAN.

Help would be much appreciated.

Roland Giesler
Green Tree Systems cc
Stellenbosch, South Africa
+27 (0)72-450-2817

Order free-range lamb now at http://www.meat.za.net