[ previous ] [ next ] [ threads ]
 
 From:  "Brieseneck, Arne, VF-Group" <Arne dot Brieseneck at vodafone dot com>
 To:  "Jewell, Michael" <mjewell at law dot umaryland dot edu>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: Routing problem
 Date:  Mon, 11 Oct 2010 07:55:35 +0200
Standard IP any any. So it is not worth to call it a firewall... 

-----Original Message-----
From: Jewell, Michael [mailto:mjewell at law dot umaryland dot edu] 
Sent: 08 October 2010 20:10
To: Brieseneck, Arne, VF-Group
Subject: RE: Routing problem

Do you have an ICMP any any rule?  Or just the standard IP any any?

-Mike


-----Original Message-----
From: Brieseneck, Arne, VF-Group [mailto:Arne dot Brieseneck at vodafone dot com]
Sent: Friday, October 08, 2010 11:09 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Routing problem

Hi all,

I have a strange problem and I don't know a solution.

The situation is like this:
I have a monowall running with a LAN, a WAN and several OPT interfaces.
The monowall itself has 3 physical interfaces.
1 -> WAN
2 -> LAN
3 -> NAS

The OPT interfaces are all on VLANs but the NAS, that is physical LAN
and WAN are on physical as well but have VLAN tagged.

When I am on the GUI of monowall I can ping every host in the NAS
network without any problem from the NAS interface.
But when I try that from any other interface it does not work. The rule
set is ANY-ANY so far and I see the traffic passing the firewall.

On the other side I have a storage system. Default GW is the IP of the
NAS interface of the wall. That is working fine. I can ping the wall and
I can access other systems on other OPT networks without a problem. But
from the OPT networks towards any server in the NAS network is not
possible. But you can reach the IP of the NAS interface of course.

I wonder if there is a routing limitation in monowall...

Any help is highly appreciated.

Cheers
Arne

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch