Gidday Chet - thanks for the advice.
I have a static IP - I only use dyndns because that's what people know me
as, and I'm too poor to pop for my own domain.
The ISP also allows anything on cable... Theres no blocks at all for
I had all this working fine with a linux server, so its got to be a m0n0wall
config, or possibly the hardware that m0n0wall is running on.
From: Chet Harvey [mailto:chet at pittech dot com]
Sent: Tuesday, 25 May 2004 11:16 p.m.
To: C. Falconer; m0n0wall at lists dot m0n0 dot ch
Subject: Rv: [m0n0wall] m0n0wall NAT weirdness (It shouldn't be doing this!)
There may be more to this than m0n0wall.
First, ICMP pings from the WAN side I believe are dropped by default. Others
here will let me know if I am wrong. =)
As for serving up pages on 80 via the wan side and dyndns....A) I assume you
setup dyndns in m0n0wall to stay current and B) does your ISP allow 80
traffic from customer websites?
I have Cox cable in Virginia and they do not allow port 80 traffic from a
customer like me.
--------- Mensagem Original --------
From: C. Falconer <cfalconer at avonside dot school dot nz>
To: m0n0wall at lists dot m0n0 dot ch <m0n0wall at lists dot m0n0 dot ch>
Subject: [m0n0wall] m0n0wall NAT weirdness (It shouldn't be doing this!)
Date: 25/05/04 11:29
> Gidday all. I'm new to m0n0wall, and have it working fine in every
> but one.
> I have a web server at 10.28.1.2, which I want the world to access from
> http://criggie.dyndns.org/ 22.214.171.124
> I have a NAT line that says:
> TCP 80 (HTTP) 10.28.1.2 80 (HTTP) HTTP
> I have a firewall rule that was automatically created when I added the
> NAT line.
> Now, the truly strange thing is that from an internal IP I can connect
> to port 80 on 126.96.36.199. I can't connect to port 80 from any
> real-world Ips
> So I added some logging... I now see this in the logs when attempting
> to connect to port 80 from work (188.8.131.52) 00:22:27.902608 xl1
> @200:1 p 184.108.40.206,2066 -> 10.28.1.2,80 PR tcp
> 60 -S K-S OUT
> 00:22:27.902566 xl0 @200:1 p 220.127.116.11,2066 -> 10.28.1.2,80 PR
> 60 -S K-S IN
> I can't see where I'm going wrong... Its not obvious where the
> at all.
> Possibly related - I can ping my firewall from the LAN but not the WAN
> side... Is this correct?
> If you can help me, I promise to document this!
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch