 From:  "apiasecki at midatlanticbb dot com" <apiasecki at midatlanticbb dot com>
 To:  Trevor Merrill <trevor dot merrill at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Help with setup
 Date:  Sun, 25 May 2008 01:17:11 -0400
For one, download Zenmap (nmap) for Windows; that way you can truly tell 
if the port is open.

If it comes back open, 99% it's your PC; if not, and I assume it isn't 
your PC, then you need to check that your ISP is not blocking port 80. 
A simple way to tell without getting the ISP involved is to change the 
port on your web server, and check again, change the m0n0wall config as 

Or plug your laptop directly into the WAN Port of the m0n0wall and 
assign your PC the gateway address. Then browse to the IP of your web 


Trevor Merrill wrote:
> I have tried twice unsuccessfully to implement Monowall in a data 
> center and I cannot for the life of me figure out what I am doing 
> wrong. I have a similar setup running on another location but I am 
> missing something. I was hoping the community could lend a hand so the 
> third time is a charm. Let me describe the setup, I can even post the 
> config if it goes that far.
> Here is the setup:
> Monowall 1.3B11 installed on a Soekris 4501 - I have had success with 
> this at two other sites
> Network Range:
>             WAN
>             x.x.x.32 /28
>             x.x.x.32  Network ID
>             x.x.x.33  Data Center Switch
>             x.x.x.34  My Default Gateway
>             x.x.x.35  Data Center Switch
>             x.x.x.36 through .46  My Useable IP addresses
>             x.x.x.36 - Monowall
>             x.x.x.37 - web server 1
>             x.x.x.38 - web server 2
>             x.x.x.39 - web server 3
>             x.x.x.47  Broadcast
>     Subnet Mask
>             LAN:
>    /24
>             DHCP - ON
>             DHCP Range -
>             DNS - have 3 servers listed in general settings, 2 are 
> root DNS servers and 1 is company DNS
> All 3 servers Have a one to one NAT, with reverse Proxy ARP setup
> firewall rules are basic:
> LAN - all ports allowed out
> WAN - ports 80, and a few others in
> I plugged everything in and from laptop connected via DHCP everything 
> was working great. I could ping out, browse web, etc but the servers 
> could not ping out, and pings to public addresses failed from WAN. The 
> websites they host did not come up, attempted browsing from WAN. All 
> signs point to DNS settings so I manually entered the DNS settings in 
> the server, even though the monowall should forward the DNS queries, 
> and still nothing. The weird thing is when I looked at the firewall 
> logs it was rejecting port 80 traffic from the WAN to the LAN, even 
> though I had a rule setup allowing it to pass. I spent hours trying to 
> figure out what was going on and got more confused as time went on. 
> Here is a summary
> 1. Browsing web, pinging www.google.com, checking email worked great 
> with laptop connected to LAN via DHCP
> 2. Servers with static LAN IPs, ping failed going out to 
> www.google.com, with same DNS settings as DHCP client
> 3. From WAN, hosted websites would not come up, port 80 allowed from 
> WAN to LAN
> 4. From WAN, ping failed to public 1:1 NATted IPs, even though ICMP 
> from WAN to LAN was allowed
> Any help would be appreciated. Like I said, I can post the config as well.
> Trevor