I am having trouble with a new m0n0wall installation. I suspect that
the problem is a hole in my understanding of things, and I am hoping
that some of you can enlighten me.
We have a m0n0wall with the WAN going to the Internet with a fixed IP
address, and a couple of computers on the LAN, using regular NAT
(192.168.20.0/24). So far, everything is wonderful, even the VPNs we
have going to two other offices.
There is another LAN in the office (192.168.2.0/24) for the VOIP phones.
In order to solve some cabling problems (i.e., not enough cables running
where we need them) we wanted to put a couple of the VOIP phones on our
192.168.20.0/24 LAN. The phones get their IP addresses via DHCP, and
then they talk to a TFTP server for initialization information. They
*know* what TFTP server they want to talk to--they do not get that
information from DHCP like diskless workstations do.
So we hooked the OPT connection up to the phone LAN (192.168.2.0/24) and
gave the interface an available IP address on that LAN (192.168.2.201).
The phones get assigned IP addresses OK from the m0n0's DHCP server, but
they cannot get to the 192.168.2.0/24 LAN to talk to their TFTP server.
In the log, I see a bunch of messages like this:
kernel: arpresolve: can't allocate route for 192.168.2.1
kernal: arplookup 192.168.2.1 failed: host is not on local network
I have allow-everything rules on both the LAN and OPT interfaces, but
that doesn't seem to matter, because it is not getting as far as the
So it doesn't know how to find the 192.168.2.0/24 LAN from the
192.168.20.0/24 LAN. I thought a static route would do the job, so I
added one with a range of 192.168.2.0/24, a gateway of 192.168.2.1, and
an interface of OPT. That didn't help. (In retrospect, that was
probably predictable, since it is the gateway itself that it cannot
Am I missing something in my configuration? Or is this setup really too
much like a multi-WAN setup, and beyond the scope of m0n0wall?
Thanks for your help!