[ previous ] [ next ] [ threads ]
 
 From:  =?iso-8859-1?Q?Fredrik_=D6stergren_-_IT-Kontakt_AB?= <fredrik dot ostergren at itkontakt dot se>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] how to make this to work
 Date:  Fri, 30 Mar 2007 22:27:39 +0200 
Oh ! 

Very nice, thank you for the heads-up. This will solve many problems ..

Have a nice weekend all!

/ Fredrik

-----Original Message-----
From: Neil A. Hillard [mailto:m0n0 at dana dot org dot uk] 
Sent: den 30 mars 2007 22:24
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] how to make this to work

Hi,

In message , Fredrik Östergren - IT-Kontakt AB
<fredrik dot ostergren at itkontakt dot se> writes
>
>Hi!
>
>Ping from LAN (nat'd interface) --> Bridged interface (your "dmz" bridged
>with WAN) is not working with ipnat and bridging.
>
>http://doc.m0n0.ch/handbook/faq-bridge.html
>
>Best Regards
>
>/ Fredrik
>
>
>-----Original Message-----
>From: Klaus Stock [mailto:ks at stock dash consulting dot com]
>Sent: den 30 mars 2007 19:54
>To: m0n0wall at lists dot m0n0 dot ch
>Subject: Re: [m0n0wall] how to make this to work
>
>> But when I ping my domain it shows my ip and
>>
>> ping webdbserver.mine.nu
>>
>> Pinging webdbserver.mine.nu [62.162.237.220] with 32 bytes of data:
>>
>> Request timed out.
>> Request timed out.
>> Request timed out.
>> Request timed out.
>>
>> Ping statistics for 62.162.237.220:
>>     Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
>>
>> What should I open on m0n0??
>> I just use this for fun and there is only web I mean 80 and mssql 1433
>
>
>If I understand you correctly, then you'll want to add this rule:
>
>Proto Source Port Destination Port Description
>ICMP  *      *    *           *    Allow PINGs
>
>That should allow you to ping your m0n0wall from anywhere in the Internet.
>
>Just checked it myself on my 1.23 m0n0wall. I just didn't notice any "fun"
>in pinging the firewall...?
>
>Perhaps piMping a m0n0wall woulöd be more fun ;-)

OK, this WILL work.  You need to use advanced NAT and ensure that any
packets destined for the WAN / DMZ IP address range are not NATed.

I have this configuration working perfectly here, and has been for at
least 18 months!

If you need further information, search the mailing list for my previous
posts.

HTH,


                                Neil.
-- 
Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch