From: Ray Cummins <r at burlco dot org>
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] m0n0wall between Internet and internal router not allowing non-interface subnets to be passed?
Date: Wed, 14 Feb 2007 11:43:49 -0500

I'm just going to throw this out there - your desire to use "an internal 
router behind the m0n0wall box" sounds like you need to set up a static 
route to that router in m0n0wall.

Zach Lowry wrote:
> Hello!
>
> I have just purchased a router for my Catalyst 5000 to handle 
> intra-VLAN routing instead of m0n0wall. I have m0n0 connected to my 
> internet connection, and a separate VLAN set up between the router and 
> the m0n0 box on a separate subnet. The router's default route is set 
> to the m0n0 box. On the router interface of m0n0, I have a rule set to 
> pass traffic from an internal subnet (192.168.1.x) to anywhere. 
> However, the traffic is being blocked by this rule:
>
> @18 block in log quick on vlan1 from !10.10.10.0/30 to any
>
> vlan1 is my private interface between m0n0 and the router, and 
> 10.10.10.0/30 is the subnet I'm using between those 2 devices. It 
> looks like, by default, m0n0 blocks any traffic incoming on an 
> interface that does not originate from that interface's subnet. 
> However, this makes using an internal router behind the m0n0wall box 
> seem impossible. Is there some other way to accomplish this or should 
> I be doing something different?
>
> Thanks!
>
> --Zach
>
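
Why rule @18 wins over the pass rule described in the quoted message, shown as an added example that is not part of the original thread: a minimal evaluator for the IPFilter rule subset quoted above, where the last matching rule wins unless a matching rule carries `quick`. The pass rule text, the /24 mask, the sample source addresses and the default-block fallback are assumptions constructed for illustration.

```python
import ipaddress
import re

# Subset of IPFilter syntax: just enough for the rule quoted in this thread.
RULE_RE = re.compile(
    r"^(?:@\d+\s+)?(?P<action>block|pass)\s+in\s+(?:log\s+)?(?P<quick>quick\s+)?"
    r"on\s+(?P<ifname>\S+)\s+from\s+(?P<neg>!\s*)?(?P<src>\S+)\s+to\s+any$"
)

def parse_rule(text):
    m = RULE_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unsupported rule: {text!r}")
    net = None if m["src"] == "any" else ipaddress.ip_network(m["src"])
    return {"text": text, "action": m["action"], "quick": bool(m["quick"]),
            "ifname": m["ifname"], "negate": bool(m["neg"]), "net": net}

def matches(rule, ifname, src_ip):
    if rule["ifname"] != ifname:
        return False
    if rule["net"] is None:          # "from any"
        return True
    inside = ipaddress.ip_address(src_ip) in rule["net"]
    return inside != rule["negate"]  # "!" inverts the source match

def evaluate(rules, ifname, src_ip, default="block"):
    """Last matching rule wins; a matching `quick` rule ends evaluation.
    The default verdict is an assumption, not taken from the thread."""
    verdict = (default, None)
    for rule in rules:
        if matches(rule, ifname, src_ip):
            verdict = (rule["action"], rule["text"])
            if rule["quick"]:
                break
    return verdict

RULES = [parse_rule(r) for r in (
    "@18 block in log quick on vlan1 from !10.10.10.0/30 to any",  # from the thread
    "pass in quick on vlan1 from 192.168.1.0/24 to any",  # constructed stand-in
)]

if __name__ == "__main__":
    for src in ("192.168.1.20", "10.10.10.2"):  # constructed sample sources
        print(src, evaluate(RULES, "vlan1", src))
    print("without @18:", evaluate(RULES[1:], "vlan1", "192.168.1.20"))
```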