 From:  "C. Falconer" <cfalconer at avonside dot school dot nz>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  m0n0wall NAT weirdness (It shouldn't be doing this!)
 Date:  Wed, 26 May 2004 00:25:24 +1200

Gidday all.  I'm new to m0n0wall, and have it working fine in every respect
but one.

I have a web server at 10.28.1.2, which I want the world to access from
http://criggie.dyndns.org/   202.0.42.116

I have a NAT line that says:
TCP 	80 (HTTP) 	10.28.1.2 	80 (HTTP) 	HTTP 

I have a firewall rule that was automatically created when I added the above
NAT line.

Now, the truly strange thing is that from an internal IP I can connect to
port 80 on 202.0.42.116.
I can't connect to port 80 from any real-world IPs.

So I added some logging...  I now see this in the logs when attempting to
connect to port 80 from work (202.0.37.196)
00:22:27.902608 xl1 @200:1 p 202.0.37.196,2066 -> 10.28.1.2,80 PR tcp len 20 60 -S K-S OUT
00:22:27.902566 xl0 @200:1 p 202.0.37.196,2066 -> 10.28.1.2,80 PR tcp len 20 60 -S K-S IN

I can't see where I'm going wrong...  It's not obvious where the problem lies
at all.

Possibly related - I can ping my firewall from the LAN but not the WAN
side... Is this correct?

If you can help me, I promise to document this!