|
||||||||
False alarm. Is seems that it does work. However, I had the cable unplugged at some stage, and after plugging it in again (into OPT), I had to restart m0n0wall for the interface to come up properly. Now everything is fine. Thanks. On 13/12/06, Roland Giesler <roland at giesler dot za dot net> wrote: > On 13/12/06, sai <sonicsai at gmail dot com> wrote: > > You should have a LAN rule allowing you to access the OPT. > > > > * LAN net * * * > > > > will allow you to access everything from LAN. > I have that (had it before I added OPT), but it doesn't allow me to > "see" past 10.10.10.1 (OPT ip address) from the LAN. > > > > > * LAN net * OPT NET * > > > > Will allow you to access the OPT from the LAN > Is this rule not superfluous if you have the first rule above? > > There must be something else that is required, since it doesn't work. > > -- > Roland Giesler > Green Tree Systems cc > Stellenbosch, South Africa > +27 (0)72-450-2817 > http://www.thegreentree.za.net > > > On 12/13/06, Roland Giesler <roland at giesler dot za dot net> wrote: > > > When one has set up an optional interface (OPT) (either with an > > > Captive Portal or without) I run into a problem. While there are many > > > articles on the web that describe how to set up a DMZ and specifically > > > how to prevent or allow the OPT client from accessing the LAN ip > > > address, none can be found that explain how to do the opposite. > > > > > > I would like to / need to have access to the networks that connect via > > > OPT to the firewall from the LAN. I have played with all sorts of > > > rules, but none seem to be able to allow me to ping (for example) even > > > the next hop on the OPT connection. > -- Roland Giesler Green Tree Systems cc Stellenbosch, South Africa +27 (0)72-450-2817 http://www.thegreentree.za.net Order free-range lamb now at http://www.meat.za.net |