[ previous ] [ next ] [ threads ]
 From:  "C. Falconer" <cfalconer at avonside dot school dot nz>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  m0n0wall NAT weirdness (It shouldn't be doing this!)
 Date:  Wed, 26 May 2004 00:25:24 +1200
Gidday all.  I'm new to m0n0wall, and have it working fine in every respect
but one.

I have a web server at, which I want the world to access from

I have a NAT line that says:
TCP 	80 (HTTP) 	80 (HTTP) 	HTTP 

I have a firewall rule that was automatically created when I added the above
NAT line.

Now, the truly strange thing is that from an internal IP I can connect to
port 80 on
I can't connect to port 80 from any real-world Ips

So I added some logging...  I now see this in the logs when attempting to
connect to port 80 from work (
00:22:27.902608 xl1 @200:1 p,2066 ->,80 PR tcp len 20
60 -S K-S OUT
00:22:27.902566 xl0 @200:1 p,2066 ->,80 PR tcp len 20
60 -S K-S IN

I can't see where I'm going wrong...  Its not obvious where the problem lies
at all.

Possibly related - I can ping my firewall from the LAN but not the WAN
side... Is this correct?

If you can help me, I promise to document this!