[ previous ] [ next ] [ threads ]
 
 From:  krt <kkrrtt at gmail dot com>
 To:  =?UTF-8?B?SsOpcsOpbWllIFRhcm90?= <jeremie dot tarot at free dot fr>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] 1:1 (onetoone) NAT & filtering
 Date:  Fri, 13 Jul 2007 09:47:05 -0700
Do you have the accept rfc1918 toggle turn on?  (Accept private 
networks, etc.)?

Can anyone tell that i'm in the middle of a move and not using a 
m0n0wall?   :-)




Jérémie Tarot wrote:
> Hi,
> 
> First, forgive me for insisting (already posted on the forums, 
> http://forum.m0n0.ch/index.php/topic,758.0.html), but this tend to 
> become an emergency :/
> 
> I'm trying to setup a new SDSL connection, bundled with xx.xx.28.96/29 
> public IP addresses, on my OPT4 interface. I already have an ADSL link 
> for users net access on WAN, and another SDSL on OPT1 for inter-site 
> traffic.
> 
> So far:
>    * I have given address xx.xx.28.98 to OPT4, the ISP's modem having 
> xx.xx.28.97 (can ping the router & the net from m0n0)
>    * I have configured 2 1:1 NATs with automatic ProxyARP config (can 
> ping the router from the NATed servers):
>       - OPT4  xx.xx.28.99/32   xx.xx.1.3/32  Public Server in DMZ 
> (behind OPT3)
>       - OPT4  xx.xx.28.100/32  xx.xx.3.3/32  Asterisk Server in VOIP 
> (behind OPT2)
>    * I have setup a static route to my VoIP gateway (working, can ping 
> the gateway through OPT4):
>       - OPT4    xx.xx.78.35/32      xx.xx.28.97    Route to VoIP Gateway 
> at the ISP
>    * As learned from reading the list archive (after posting on the 
> forums :P), configured a rule with logging to pass traffic from *:* to 
> servers _private_ IPs:
>       *    *    *    xx.xx.3.3    *    DEBUG: Ping any to 1:1ed Asterisk 
> server
> 
> Still no luck, logs keep on showing me blocked ICMP connections:
> 
>       blocked    OPT4    xx.xx.xx.xx    xx.xx.3.3, type echo/0    ICMP
> 
> I'm really stuck :/
> 
> Any help would be GREATLY appreciated
> 
> Bests
> Jé
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>