[ previous ] [ next ] [ threads ]
 From:  Steve Yates <steve at teamITS dot com>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Traffic shaping using NAT
 Date:  Fri, 16 Jul 2010 18:40:43 -0500
Lee Sharp wrote on Fri, Jul 16 2010 at 11:18 am:

> For the record, NAT breaks a lot of stuff.  That said, we have an
> amazing amount of control in how NAT works on m0n0wall.  What he is
> telling you is that you can configure NAT so that it is turned off for
> the bridged interface.  This can be a bit complex to set up right, which
> is why it is in the "Advanced Outbound NAT" section.

	Would you mind giving an example or two?  What I'm seeing right now is that hosts on the LAN net
are not able to communicate to the world.

Ping to m0n0wall LAN IP - pass
Ping to m0n0wall WAN IP - pass
Ping to m0n0wall WAN gateway - fail
DNS resolution using m0n0wall - fail

	I'm wondering if it would make life easier to put everything on the LAN interface, get rid of
bridging, and use 1:1 NAT to direct the public IPs where they need to go.  Those hosts would then
need to use LAN IPs I suppose.

 - Steve Yates
 - ITS, Inc.
 - A moment's insight is sometimes worth a life's experience.

~ Taglines by Taglinator: www.srtware.com ~