[ previous ] [ next ] [ threads ]
 
 From:  "rlpumphrey at 1mage dot com" <rlpumphrey at 1mage dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] NAT configuration / troubleshooting
 Date:  Fri, 02 Feb 2007 15:43:44 -0700 
Ok There are better people out there then Me at this.  But it seems simple.
 You would need to put in a rule on  the WAN to allow from WAN to OPT1.
 For the internet to get into 192.168.2.100.
 Protocol:    TCP
 Source:      *
 Port:        *
 Destination: 192.168.2.100
 Port:        *  (also I would limit this to just the port/s "HTTP" you need, not the everything)
 
 You will also need to add on the OPT1 interface a rule to allow things out.
 Protocol:    TCP
 Source:      OPT1
 Port:        *
 Destination: *
 Port:        *
 
 Wildcard make for big holes.  
 
> 
> 
> 
> Date sent:      	Fri, 2 Feb 2007 14:17:52 -0800 (PST)
> From:           	Thomas Brightbill <thomasbrightbill at yahoo dot com>
> To:             	m0n0wall at lists dot m0n0 dot ch
> Subject:        	[m0n0wall] NAT configuration / troubleshooting 
 
 > 
 > 
 > I have monowall installed on a Soekris 4801.  It's configured with
 > two subnets.  I'm trying to set up NAT to expose one server that's
 > on one of the subnets, but I seem to have misconfigured something
 > along the way.
 > 
 > The setup looks like this
 > 
 > 
 >                                 Netopia
 >                               DSL 'modem'
 >                               xx.yy.105.94
 >                            (255.255.255.248)
 >                                    |
 >                                    |
 >                             xx.yy.105.90/29
 >                             Soekris/Monowall
 >                                    |
 >                            /-------+---------\
 >                            |                 |
 >                           LAN              OPT1
 >                     192.168.1.1/24    192.168.2.1/24
 > 
 > 
 > The DSL is 'sticky static' PPPoE with 5 public IP addresses
 > (xx.yy.105.89 - xx.yy.105.94)
 > 
 > I'm trying to map 192.168.2.100 to xx.yy.105.91
 > 
 > I went to the Firewall: NAT: 1:1 setup page in monowall and entered the
 > following settings
 > 
 >   Interface:   WAN
 >   External IP: xx.yy.105.91/32
 >   Internal IP: 192.168.2.100/32
 > 
 > I also went to Firewall: Rules: OPT1 and entered the following
 > 
 >   Protocol:    TCP
 >   Source:      *
 >   Port:        *
 >   Destination: 192.168.2.100
 >   Port:        *
 > 
 > I wasn't able to get to the web server from the outside world, so I
 > configured a laptop with an IP address of xx.yy.105.92, plugged it into
 > the Netopia and still wasn't able to get to the web server.  (I can get
 > to the web server from either subnet using the 192.168.2.100 IP address)
 > 
 > Any suggestions for troubleshooting or reconfiguring would be
 > appreciated.
 > 
 > Thanks!
 > 
 > Thomas
 > 
 > 
 > 
 > 
> > ---------------------------------------------------------------------
 > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
 > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
 > 
>