I'm not sure if I'm going down a blind alley here, but it seems to me
there must be a way to access a subnet other than one's own without
crossing the firewall. Here's my m0n0wall's basic setup:

WAN: static public IP address
LAN: 10.0.0.1/16, running dhcpd

Our clients all get IPs from the LAN dhcpd.
Meanwhile, our equipment all have static IP addresses on the subnet
172.16.0.0/16. Currently, to connect with a piece of equipment one
must change one's IP address manually to the 172.16/16 subnet. Is
there not a way using static routes to maintain one's 10/16 address
and have the m0n0wall redirect 172.16/16 requests to the appropriate
equipment on the LAN? I tried adding a static route thus:

    172.16 172.16.0.1 UGS 0 126 [LAN]

but no dice. I tried a similar entry, using 10.0.0.1 as the gateway,
but nothing still. Is this possible? Can somebody point me to a
resource if it's not a simple fix? Please don't tell me to change my
equipment to the 10/16 subnet, as we're talking about ~300 items here.
I'll consider that a last resort, along with manually changing my IP
to the 172.16/16 every time I want to have a look.