MANY thanks Anders. This is a realy complete solution. I finally learned
the deeper meaning of those advanced NAT settings.
The web access works fine now; I had no syslog messages yet. Maybe I did
somthing wrong after all.
Regards, Egbert Jan
Op 20-1-2011 18:51, Anders Hagman schreef:
> I have used a modem outside m0n0wall with http and syslog for some time.
> The modem has the address 192.168.1.1 in my example.
> 1. First I have added a secondary address with a shell command into the
> xml file.
> <shellcmd>ifconfig xl0 192.168.1.2/24 alias</shellcmd>
> 2. Turn on outbound advanced NAT and add a rule for normal traffic and
> traffic to the modem. Use the secondary address as the target address.
> This to make HTTP to the modem work.
> WAN 172.16.2.0/24 ! 192.168.1.1/32 * Normal LAN NAT
> WAN 172.16.2.0/24 192.168.1.1/32 192.168.1.2 D-Link modem
> 3.1 Syslog needs four things. First add server NAT external address.
> 192.168.1.3 External address of the syslog server
> 3.2 Make an inbound NAT rule for syslog. 172.16.2.6 is the syslog
> address on the inside.
> WAN UDP 514 172.16.2.6 514 trap syslog
> (ext.: 192.168.1.3)
> 3.3 Make a filter rule to accept the syslog traffic.
> UDP 192.168.1.1 * 172.16.2.6 514 NAT syslog trap
> 3.4 Add a proxy arp entry to make the m0nwall answer arp requests on the
> address 192.168.1.3.
> WAN 192.168.1.3 NAT to syslog
> 4. Configure your modem to send syslog to 192.168.1.3
> Good luck
> On 2011-01-19 20:10, Egbert Jan van den Bussche wrote:
>> TNX Jakob. The modem is in bridge mode indeed and PPP assigment works
>> but I would like to be able to use the web interface of the modem and
>> more important, the modem sends syslog messages which I want to
>> capture on miy server on the LAN. I seem to remember that I had this
>> working when I tested with OpenWRT, a long time ago. But I want to
>> stick to Monowall, though... I'm used to that and it serves me a well
>> for a few years already.