I have a strange problem with m0n0wall and static routes. My network looks
My LAN subnet is 192.168.1.0/24 and the .254 machine is a router that can
reach the 172.16.0.0/16 network via some MPLS network.
I have added a static route to the LAN interface on the m0n0wall to reach
the 172.16.0.0/16 network via 192.168.1.254.
When I try to reach 172.16.1.1 from my LAN using the m0n0wall as a default
gateway strange things happen. If I ping 172.16.1.1 from LAN I get a reply
and I can see that ICMP redirects are being sent to tell me that
192.168.1.254 is a more direct route to that host. This is fine. If I try to
SSH to that host I am prompted for a password. If I enter the password
correctly the connection hangs. When I check the logs on the m0n0wall I see
22:29:23.387117 dc0 @0:68 b 192.168.1.201,40452 -> 172.16.1.1,22 PR tcp len
20 64 -A IN
22:29:23.349785 dc0 @0:68 b 192.168.1.201,40452 -> 172.16.1.1,22 PR tcp len
20 436 -AP IN
Does this mean that this traffic is being dropped by the m0n0wall? It
doesn't make sense to me since dc0 is my LAN interface and I have a rule to
permit all traffic coming in on the LAN interface.
Also since I do get the password prompt from SSH some packets do in fact get
through. Perhaps only the first one or two?
Any help is appreciated. I can post more info if you need it.