Re: [m0n0wall] Inbound NAT works, 1:1 and ServerNat doesn't

From:	Toli <schmoli at schmoli dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Inbound NAT works, 1:1 and ServerNat doesn't
Date:	Wed, 05 May 2004 16:19:06 -0700
Well, thinking that perhaps Proxy ARP was my solution, I tried to set it 
up with the network:
A.B.C.114/29, but that didn't work.

However, setting up individual Proxy ARPS for A.B.C.115-118 seemed to do 
the trick!

Toli wrote:

> I've read a few months back in the archives, and there are plenty of 
> people who seem to have problems getting any type of NAT working.  I 
> am not one of those people.  I successfully NAT ports from my WAN IP 
> to both machines on my LAN as well as my OPT interfaces with no 
> problems.  My problem is occuring because I have more than one WAN IP, 
> and now need to NAT some ports from some of thoese IP addresses to 
> machines in my LAN and OPT interfaces.  following is all my settings, 
> including the Inbound NAT rules that work.
>
> WAN interface: (I have IP addresses A.B.C.114-118)
> IP Address: A.B.C.114 / 29
> Gateway: A.B.C.113
> Block Private networks: yes
>
> LAN interface:
> IP Address: 10.0.0.1 / 24
>
> # firewall rules in place but not designed help with the below 
> problems (ie, tell me if it's one of these that is causing the problem)
> #WAN
> (no rules in place)
> # LAN - designed to allow traffic out of the LAN, but not into any of 
> my other OPT subnets (10.*.*.*)
> Proto: *, Source: LAN net, Port: *, Destination: !10.0.0.0/16, Port: *
>
> # first rule allows port 80 on my main WAN IP (A.B.C.114) to route to 
> my personal box (10.0.0.131)
> # this works!
> inbound nat:
> Proto: TCP, Port: 80, NAT IP: 10.0.0.131, Port: 80
> firewall:
> Proto: TCP, Source: *, Port: *, Destination: 10.0.0.131, Port: 80
>
> # second rule allows port 80 on my next WAN IP (A.B.C.115) to route to 
> my personal box (10.0.0.131)
> # this rule does not work, I have no idea why, it hates me
> Server Nat:
> IP: A.B.C.115 Description: ServerNat1
> Inbound NAT:
> Proto: TCP, Port: 80, Nat IP: 10.0.0.131 (A.B.C.115), Port: 80
> firewall:
> Proto: TCP, Source: *, Port: *, Destination: 10.0.0.131, Port: 80
>
> # third rule allows port 80 on my next WAN IP (A.B.C.116 to route to 
> my personal box (10.0.0.131) via 1:1
> # this rule also does not work, I have no idea why, it also hates me
> 1:1 settings:
> Extern IP: A.B.C.116/32, Intern IP: 10.0.0.131/32
> Firewall: as far as I can tell, it should be the same, so the same
> Proto: TCP, Source: *, Port: *, Destination: 10.0.0.131, Port: 80
>
> is that enough information to help me out?
>
> Thanks! Been enjoying m0n0wall for quite some time (my box is even in 
> the gallery), just finally starting to get into some more complex rules.
>
> -- 
> Toli Leonovich
>
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch