Dear m0n0wall experts
I need your opinion once more.
In the beginning, we use m0n0wall connected to a cable modem for internet
connection and connect two sites of our stores to share the internet
connection using ubiquity Power Bridge and Nano bridge product
(www.ubnt.com). Here is the schema for the first connection:
First Connection Map:
Internet <--> Cable Modem <--> m0n0wall (With WAN set by DHCP) <--> Main
Office Switch <--> UBNT Nano Bridge Wireless (As Station WDS) <-----> UBNT
Power Bridge Wireless (As access point WDS) <--> Branch 1 Soho Switch
With the network map above all things still working and internet works fine.
Now when I added the 3rd tier, the intranet works, but the internet does not
work. When I traceroute google from the branch, it seemed that the route
cannot go out of the branch office.
Here is the new Map
Internet <--> Cable Modem <--> m0n0wall (With WAN set by DHCP)
Main Office Switch <--> UBNT Nano Bridge
Wireless (As Station WDS)
UBNT Power Bridge
Wireless (As access point WDS) <--> Branch 1 Soho Switch -- PCs (Internet
does not work, but intranet OK)
UBNT Nano Bridge
Wireless (As Station WDS) <--> Branch 2 Soho Switch -- PCs (Internet does
not work, but intranet OK)
After new mapping took place, the internet in branch 1 and 2 does not work
anymore. But intranet works. The wireless supplier blamed m0n0wall for being
not able to perform and suggest us to buy microtic or cisco router, but I
still having hard time to access their information. The main office though,
internet works great.
Here are the list of things I did for testing:
1. Connect computer from branch to the main office server using windows
remote desktop. It worked great.
2. All intranet activities including ping and traceroute to internal address
3. Ping yahoo ip from monowal (main office): 18.104.22.168 and it worked
4. Ping yahoo from server PC using command console worked.
5. Ping yahoo IP using ping tool from Main Office Wireless Access Point --
FAILED. I also added the MAC address for both the Wireless MAC and LAN MAC
to the captive portal pass-through-MAC list and still did not work.
6. Ping internal IPs using ping tool from Main Office Wireless Access Point
7. I mapped NAT to access the Main Office Web Interface, but when accessed
from remote site it cannot view the web interface. All rules are allowed.
I seemed that all things that passes the wireless are blocked from going out
if the source come from the wireless access point and beyong. Only computers
within the main office can access internet, but all intranet activities
worked great. Can anyone please help me? I am totally stressed out.