[ previous ] [ next ] [ threads ]
 
 From:  "Martin Holst" <mail at martinh dot dk>
 To:  "Andreas Gracco" <A dot Gr at ims dot ch>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] routing / icmp redirect
 Date:  Thu, 6 May 2004 22:47:12 +0200
Hi Andreas!

If I get it right m0n0wall is supposed to pass all Net1 traffic destined
for Net2 - and redirect all other traffic to Router X?

Just to make sure: network 1 and 2 are both private networks right?
...and traffic from Net1 to Net2 (and vice versa) is passed OK, or what?
Otherwise I would think that it's the standard anti-spoofing rule that
blocks RFC1914 addresses on WAN (disable it on WAN)

Could you take a look in the firewall log and see which rule is blocking
the traffic?
Posting a log with spoofed IP-addresses would probably be helpful, if
you're unsure about reading it yourself.

/Martin

-----Original Message-----
From: Andreas Gracco [mailto:A dot Gr at ims dot ch] 
Sent: 6. maj 2004 14:10
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] routing / icmp redirect

Can somebody plz help me to solve this problem?

I have 2 Networks and 1 Internet Connection and 1 WAN connection to a
big company's network!
I want to replace our cisco router with m0n0wall. The cisco works fine
but it is to slow (WAN only 10Mbit/s), not easy to configure, not
extendable and toooooo vulnerable!

Network diagram:

Internet
    |
Proxy's
    |
Big Company Network
    |
Router X (I can't configure this)
    |
Our Network 1 
    |
----------
|  WAN   |
|m0n0wall|
|  LAN   |
----------
    |
Our Network 2
    |
Sonicwall
 |	  |
DMZ   Internet


The Hosts in our Network 1 have configured m0n0wall as their default
gateway.
On the m0n0wall i have Router X as default gateway on WAN and some
static routes for DMZ/VPNs and so on.
m0n0wall doesn't redirect tcp/udp connections incomming on the WAN
interface to the responsible router!
For example, if a host from "our network 1" wants to connect with telnet
to a host in the "Big Company Network" m0n0wall blocks the connection
instead of redirecting it to "Router X"! Ping's are redirected but
tcp/udp connections are blocked!

any ideas?

thx

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch