I've got a Soekris 4501 currently performing routing for my network.
I'm trying to put up a generic pc version of m0n0wall on a system with 3
network cards (2 from 1 manuf, 1 from another if it matters) to replace the
Soekris system so I can put the wireless part of it to use with the new
captive portal stuff.

I'm using basically the same config (firewall, network, dhcp, etc) for each
but the PC version won't route inbound traffic right. I have a server on
the opt1 (DMZ) interface that is configured via 1:1 for a different IP
address than my WAN is. I also have a PC on the LAN side that requires a
1:1 for another IP. All WAN side IP addresses are in the same subnet.

On the PC: I can get to the internet, and do client type stuff fine on the
LAN. I can get to the internet, and do client type stuff fine on the DMZ.
I can SSH to the server on the DMZ from the LAN. I can't SSH, HTTP, FTP, or
DNS to the server on the DMZ from anywhere outside my network (using the
1:1 outside address). I also can't do DNS lookups from LAN to the DMZ
server. My DMZ server is dead to the outside world, as is the other 1:1
machine that I have configured (resides on the LAN side).

On the Soekris: Everything works how I want.

The only real differences from looking at the two config.xml's are the names
of the interfaces and the lack of a wireless interface that is on the
Soekris. Otherwise everything else is exactly the same (firewall rules,
NATs, PPTP, DHCP, etc).

I'm probably missing something rather simple, but I went through all the
webgui screens and aside from the version based differences, the
configuration between these two installations is the same. Any ideas before
I throw the PC away?