[ previous ] [ next ] [ threads ]
 
 From:  John Hakk <jhnhakk at yahoo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] FTP Server to LAN1 and LAN2 problem
 Date:  Tue, 13 Feb 2007 00:00:13 -0800 (PST)
John Hakk wrote:
> I recently added a forth NIC for a FTP server that I want LAN1 and LAN2 to have access to but am
having problems configuring.
> 
> interface set-up:
> WAN 192.168.3.100  gateway 192.168.3.1
> LAN1 192.168.1.1
> LAN2 192.168.2.1
> FTP server  192.168.4.1
> 
> (no access between LAN1 and LAN2)
> 
> If I bridge the FTP server interface with either LAN1 or LAN2 the bridged LAN can access the FTP
Server but I would prefer to not have to change the bridge selection each time I want to access the
Server from the other (non-bridged) LAN.
> 
> I have tried numerous rules but have not hit upon the right configuration.  I was thinking
"static routes" but do not seem to get any where. "Block private networks" seems appropriate but
toggling on/off does not seem to change things.
> 
> I would assume a rule such as * - FTP Server - * -* -* on the FTP Server interface would allow
access to/from any other interface on the unit. True?

Filters work on the way IN to the firewall.  You need a rule on the LAN1 
and LAN2 interfaces al;lowing access to the FTP server, and a rule on 
the FTP LAN allowing access to LAN1 and LAN2.





   Lee


Many thanks for the reply, it helped my understanding 
of how rules should be structured.

I made rules in LAN1 and the FTP interface like

 * * * * * (5 wild card .. i.e. any)

just for testing.  With these rules I could ping from the 
FTP server (192.168.4.125) to the LAN1 interface 
(192.168.1.1) but could not reach any client on the 
LAN1 net. If I bridge the FTP and LAN1 interface I can 
ping to/from a client on the LAN1 net/FTP server so the
problem seems to be my configuration of the Monowall. 

Would appreciate input.



 
---------------------------------
Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates.