[ previous ] [ next ] [ threads ]
 
 From:  DevAuto <devauto at gmail dot com>
 To:  "Bryan K. Brayton" <bryan at sonicburst dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Dual private IP nat issue
 Date:  Wed, 30 May 2007 00:14:52 -0400
Thank you again Bryan, I appreciate it, but those suggestions fall under the
heading "Been there, Tried that, It didn't work". Done that several times
already, went so far as to reset the m0n0 to factory defaults and start from
scratch, hoping that a previous rule was conflicting ... guess what, it
didn't work either :)

Thank you again for the suggestions though, they are still well appreciated!

--DevAuto

On 5/29/07, Bryan K. Brayton <bryan at sonicburst dot net> wrote:
>
> Make sure you have the correct TCP/UDP ports forwarded to the 10.1.1.2
> address, and also make sure there is a corresponding firewall rule
> allowing that traffic (easiest to add the NAT rule, and check the
> "Auto-add a firewall rule" option at the bottom.  It sounds like you've
> already done that, but it won't hurt to check :-)
>
>
>
> Also, if you're just checking the FreeNAS config page and it's on port
> 80/443, you may also want to try moving the port the m0n0 webgui uses.
> I seem to remember that causing some problems for people.  I don't know
> if that's the case here, but it's worth a shot.
>
>
>
> -Bryan
>
>
>
> ________________________________
>
> From: DevAuto [mailto:devauto at gmail dot com]
> Sent: Tuesday, May 29, 2007 11:32 PM
> To: Bryan K. Brayton
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Dual private IP nat issue
>
>
>
> Actually, that was the first thing I did. I guess I should have
> mentioned it in my first posting. I wish it were that simple :) Thank
> you for the suggestion though, I do appreciate it.
>
> --DevAuto
>
> On 5/29/07, Bryan K. Brayton <bryan at sonicburst dot net> wrote:
>
> I'm guessing you didn't uncheck the "Block Private Networks" option at
> the bottom of the Interfaces:WAN configuration page.
>
> -Bryan
>
> -----Original Message-----
> From: DevAuto [mailto: devauto at gmail dot com <mailto:devauto at gmail dot com> ]
> Sent: Tuesday, May 29, 2007 10:06 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Dual private IP nat issue
>
> Hi All,
>
> Okay, here is my situation. I have a lan within a lan, split by a
> m0n0wall
> box (Soekris Net4501, m0n0wall 1.3b2) on a wireless link (atheros in bss
> mode). The wireless is configured as the "wan" interface with a
> 10.x.x.xnetwork configured on the lan interface (also tried isolating
> as the opt1
> interface). The wireless connects to another wireless device and pulls a
> dhcp address from a 192.168.x.x network which is on the backside of a
> wan
> link to the internet. Essentially, both lans are in private IP space,
> one in
> the 192.168.x.x and the other in the 10.x.x.x range. A basic diagram of
> my
> setup is below:
>
> (freenas-10.1.1.2) <---> (opt1-10.1.1.1) <---> (wan-192.168.1.2) <--->
> (wireless bridge) <---> ( lan-192.168.1.1) <---> (wan-dhcp from isp)
>
> What I am trying to do is to setup a freenas device in the 10.x.x.x
> network
> space and be able to send files to/from it from the 192.168.x.x network.
> Here is the problem, I cannot seem to get to the freenas box regardless
> of
> how I configure access. I have tried building static rules allowing all
> traffic to that box, no go. I have tried nat to map to the freenas, and
> at
> least I could ping it (nmap shows all natted ports as filtered except
> dns
> and https), this is the closest I have come to getting it to work. I
> have
> tried bridging the interface with the wireless link, another no go. I
> have
> tried 1:1 mapping from one side to the other, another failed attempt. I
> think I have tried just about everything at this point.
>
> Can anyone give me any suggestions on how to accomplish this? I am out
> of
> ideas, patience and time to play around with this. I can provide more
> info
> if needed. What am I doing wrong?
>
> --
> DevAuto
> Failure is not an option ... it comes bundled with your Micro$oft
> solution!
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
>
> --
> DevAuto
> Failure is not an option ... it comes bundled with your Micro$oft
> solution!
>
>


-- 
DevAuto
Failure is not an option ... it comes bundled with your Micro$oft solution!