[ previous ] [ next ] [ threads ]
 
 From:  "Neil Schneider" <pacneil at linuxgeek dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Cannot get SSH (or any service published) behind m0n0wall
 Date:  Sun, 29 Feb 2004 14:10:48 -0800 (PST)
I have several M0n0wall boxes with similar rules, that work. One port
forward didn't work properly, apparently because I forgot to check
"Auto-add a firewall rule to permit traffic through this NAT rule" when I
set up the port-forward rule. NAT looks like this:

External Address: WAN
Protocol: TCP
External Port Range: Other 2022
                     Other 2022
NAT IP: 192.168.0.10
Local Port: SSH
Description: port-forward -> smbserver
x Auto-add a firewall rule to permit traffic through this NAT rule
Version: 1.0

I even have multiple ports forwarded to ssh, because other consultants
expect to use a different port, based upon prior firewall. Those also
work.


Joe Smith said:
> Bart,
>
> Thanks for your help.  Basically trying to allow SSH
> at the firewall to hit a server behind it.  At the
> moment using the rules such as Dany put out earlier.
> Firewall : Rules
>
> WAN interface
>  TCP       *       *       192.168.0.6       22 (SSH)
>      NAT SSH on
> FileServ
>
> Firewall : NAT
>  TCP       22 (SSH)       192.168.0.6       22 (SSH)
>     SSH on
> FileServ
>
> Is the Proxy ARP necessary in this scenario?
>
> --- Bart Smit <bit at pipe dot nl> wrote:
>> Joe Smith wrote:
>>
>> > I am getting emails sent to me without going to
>> the
>> > list agreeing with me that there is a problem here
>> > that is not being resolved.
>>
>> Can you come up with a minimal configuration that
>> exhibits
>> the problem, and can you tell us what version of
>> m0n0wall
>> you are using? I'd like to help.
>>
>> --Bart
>>
>>
>>
> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail:
>> m0n0wall dash help at lists dot m0n0 dot ch
>>
>
> __________________________________
> Do you Yahoo!?
> Get better spam protection with Yahoo! Mail.
> http://antispam.yahoo.com/tools
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>


-- 
Neil Schneider                              pacneil_at_linuxgeek_dot_net
                                           http://www.paccomp.com
Key fingerprint = 67F0 E493 FCC0 0A8C 769B  8209 32D7 1DB1 8460 C47D

Fires can't be made with dead embers, nor can enthusiasm be stirred by
spiritless men. Enthusiasm in our daily work lightens effort and turns
even labor into pleasant tasks. --James Baldwin