[ previous ] [ next ] [ threads ]
 
 From:  krt <kkrrtt at gmail dot com>
 To:  Mehran <error at exemail dot com dot au>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Bridge problem
 Date:  Sat, 16 Dec 2006 14:33:11 -0800 
Do you see that the pings to your m0n0walls 192.168.0.133 interface
are dropped in the firewall logs?

Do you see any drops or otherwise for any 192.168.1.0/24 traffic?
From what hosts?




On 12/15/06, Mehran <error at exemail dot com dot au> wrote:
> The link between router and m0n0wall is definitely working as m0n0wall can
> ping the router and any device attached to the router (via hyperterminal).
> Also the router shows that it is connected to m0n0wall under its GUI.
>
> I'm not so sure if the router is the only problem.  It looks like m0n0wall
> is not routing any traffic to 192.168.1.0/24 clients as I can ping google on
> the router it self.
>
> Some extra stuff that I have found out:
>
> On the client (eg: 192.168.1.3) that is attached to the m0n0wall box it:
>
> 1. Can ping m0n0wall (192.168.1.1)
> 2. Can ping m0n0wall wireless Ip (192.168.0.133)
> 3. Can not ping netgear (192.168.0.1) or any address on 192.168.0.0/24
> 4. When pinging any web address it gets the IP but can not transfer any
> packets.
>
> On the client that is attached to the netgear router it:
>
> 1. Can not ping m0n0wall wireless Ip (192.168.0.133)
> 2. Can not ping m0n0wall (192.168.1.1)
>
>
> Your help is greatly appreciated.
>
> Cheers,
>
> -----Original Message-----
> From: krt [mailto:kkrrtt at gmail dot com]
> Sent: Saturday, 16 December 2006 2:22 AM
> To: Mehran
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Bridge problem
>
> Since your m0n0wall can ping 192.168.0.1, I can assume that the wifi
> link is working.
>
>
> Do the hosts on the 192.168.0.0/24 network know how to get to the
> 192.168.1.0/24 network?
>
> If not:
>
> 1) The Ideal (network) route is for each host to route 192.168.1.0/24
> to 192.168.0.33 (the 192.168.0.0/24 interface of the m0n0wall
> firewall)
>
> 2) The Netgear should, at a minimum, route 192.168.1.0/24 to
> 192.168.0.33.  If any hosts on the 192.168.0.0/24 network utilize the
> Netgear for packet forwarding of 192.168.1.0/24 packets, then there is
> an assymetric routing issue, where the packet from the 192.168.0.0/24
> host will go to the netgear, to the m0n0wall and to the
> 192.168.1.0/24.  The reply packet will go from the 192.168.1.0/24 host
> to the m0n0wall and back to the 192.168.0.0/24 client, without ever
> traversing the Netgear on the return.  This shouldn't pose an issue
> with the Netgear, but it could for other stateful firewall products
> out there, and at a minimum does suck away some performance.
>
>
>
> On 12/14/06, Mehran <error at exemail dot com dot au> wrote:
> > Hi,
> >
> >
> >
> > I'm trying to create a bridge network
> >
> >
> >
> > Netgear DSL/router IP 192.168.0.1 /24 (DHCP) Wireless
> >
> >
> >
> > Through m0n0Wall (bridge) Wireless
> >
> >
> >
> > Connect to PC (Wired) IP 192.168.1.  /24
> >
> >
> >
> > ==========
> >
> >
> >
> > This is how I configured m0n0Wall
> >
> >
> >
> > 1.      Click on Interfaces -> WAN. Change Type to static. In Static IP
> > Configuration set the IP to an unused IP in the Home AP's range
> > (192.168.0.133). Under Wireless Configuration, set Mode to BSS, SSID to
> the
> > Home AP's SSID (netgear).
> > 2.      Uncheck "Block private networks" at the bottom of that page. Click
> > Save.
> > 3.      In Interfaces -> LAN, change the IP to reflect the local subnet
> > desired. E.g. 192.168.1.1. In Services -> DHCP, update the allocated range
> > to match your LAN IP (e.g. 192.168.1.100 - 192.168.1.199). Click Save.
> > 4.      Go to Diagnostics -> Reboot System.
> >
> >
> >
> >
> >
> > Problem is that I can not ping the router 192.168.0.1 or access the web on
> > the PC.  Through HyperTerminal (Monowall box) I can both ping 192.168.0.1
> > and google.com.
> >
> >
> >
> > PC has an IP of 192.168.1.100 no problem pinging monowall box.
> >
> >
> >
> >
> >
> > Can you please let me know if I'm doing something wrong..
> >
> >
> >
> >
> >
> > Cheers,
> >
> >
> >
> > Mehran
> >
> >
> >
> >
> >
> >
> >
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
> __________ NOD32 1922 (20061214) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com
>
>
>