John Hakk wrote:
> I recently added a fourth NIC for an FTP server that I want LAN1 and LAN2 to have access to but am
> having problems configuring.
> interface set-up:
> WAN 192.168.3.100 gateway 192.168.3.1
> LAN1 192.168.1.1
> LAN2 192.168.2.1
> FTP server 192.168.4.1
> (no access between LAN1 and LAN2)
> If I bridge the FTP server interface with either LAN1 or LAN2 the bridged LAN can access the FTP
> Server but I would prefer to not have to change the bridge selection each time I want to access the
> Server from the other (non-bridged) LAN.
> I have tried numerous rules but have not hit upon the right configuration. I was thinking
> "static routes" but do not seem to get anywhere. "Block private networks" seems appropriate but
> toggling on/off does not seem to change things.
> I would assume a rule such as * - FTP Server - * -* -* on the FTP Server interface would allow
> access to/from any other interface on the unit. True?
Filters work on the way IN to the firewall. You need a rule on the LAN1
and LAN2 interfaces allowing access to the FTP server, and a rule on
the FTP LAN allowing access to LAN1 and LAN2.
Many thanks for the reply, it helped my understanding
of how rules should be structured.
I made rules in LAN1 and the FTP interface like
* * * * * (5 wild card .. i.e. any)
just for testing. With these rules I could ping from the
FTP server (192.168.4.125) to the LAN1 interface
(192.168.1.1) but could not reach any client on the
LAN1 net. If I bridge the FTP and LAN1 interface I can
ping to/from a client on the LAN1 net/FTP server so the
problem seems to be my configuration of the Monowall.
Would appreciate input.
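The point made in the reply, that a rule is matched on the interface where traffic enters the firewall, can be modelled in a few lines. This is an added example, not part of the original thread and not m0n0wall code. The /24 masks, the client addresses 192.168.1.50, 192.168.2.50 and 192.168.2.77, the stateful handling of replies, and the reading of the question's rule as "source = FTP net, destination = any" are assumptions.

```python
import ipaddress

# Subnets from the thread; the /24 masks are an assumption (the post lists only addresses).
NET = {n: ipaddress.ip_network(c) for n, c in
       [("LAN1", "192.168.1.0/24"), ("LAN2", "192.168.2.0/24"), ("FTP", "192.168.4.0/24")]}
ANY = ipaddress.ip_network("0.0.0.0/0")

# Constructed rule sets: ingress interface -> [(source net, destination net)] pass rules.
# Rule from the question, read as "source = FTP net, destination = any" on the FTP interface only.
FTP_IFACE_ONLY = {"FTP": [(NET["FTP"], ANY)]}
# Rules as the reply describes them: one per direction, on the interface where traffic enters.
PER_INTERFACE = {
    "LAN1": [(NET["LAN1"], NET["FTP"])],
    "LAN2": [(NET["LAN2"], NET["FTP"])],
    "FTP":  [(NET["FTP"], NET["LAN1"]), (NET["FTP"], NET["LAN2"])],
}

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.states = set()  # connections already passed (stateful filtering is assumed)

    def passes(self, src, dst):
        """True if a packet from src to dst is passed, False if it is dropped."""
        if (dst, src) in self.states:  # reply to a connection passed earlier
            return True
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # The packet is filtered on the interface it arrives on: the one holding its source.
        iface = next((n for n, net in NET.items() if s in net), None)
        for src_net, dst_net in self.rules.get(iface, []):
            if s in src_net and d in dst_net:
                self.states.add((src, dst))
                return True
        return False  # no matching rule on the ingress interface: default deny

def evaluate(rules):
    """Run five constructed flows, in order, through a fresh firewall."""
    fw = Firewall(rules)
    flows = {"lan1_to_ftp": ("192.168.1.50", "192.168.4.125"),
             "ftp_to_lan1": ("192.168.4.125", "192.168.1.50"),
             "lan2_to_ftp": ("192.168.2.50", "192.168.4.125"),
             "ftp_to_lan2": ("192.168.4.125", "192.168.2.77"),
             "lan1_to_lan2": ("192.168.1.50", "192.168.2.50")}
    return {name: fw.passes(*pair) for name, pair in flows.items()}

if __name__ == "__main__":
    for label, rules in [("FTP interface only", FTP_IFACE_ONLY), ("per interface", PER_INTERFACE)]:
        print(label, evaluate(rules))
```

With the per-interface rules the LAN1 to LAN2 flow is still dropped, so the original isolation between the two LANs is kept, which a `* * * * *` test rule on LAN1 would not do.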