Re: [m0n0wall] Strange difference between pb26r614-45xx and 1.1b12-generic-pc

From:	"Robert Staph" <rstaph at digitalimpreza dot com>
To:	"Robert Staph" <rstaph at digitalimpreza dot com>, <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Strange difference between pb26r614-45xx and 1.1b12-generic-pc
Date:	Tue, 8 Jun 2004 15:02:22 -0400
I think I figured out why I couldn't get to the 1:1 ip addresses:

"Interfaces" output from status.php:

Soekris:
sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet x.x.x.202 netmask 0xfffffff8 broadcast x.x.x.207
	inet x.x.x.203 netmask 0xffffffff broadcast x.x.x.203
	inet x.x.x.204 netmask 0xffffffff broadcast x.x.x.204
ether 00:00:24:c1:97:40
	media: Ethernet autoselect (10baseT/UTP)
	status: active


PC:
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=1<RXCSUM>
	inet x.x.x.202 netmask 0xfffffff8 broadcast 216.169.176.207
	ether 00:01:03:23:42:50
	media: Ethernet autoselect (10baseT/UTP)
	status: active

It doesn't have the 203, 204, 205 external addresses assigned to it.  (the
x.x.x. is the same in all cases, real numbers just removed by me.  I sit in
a 255.255.255.248 subnet).  Gateway is 201, LAN 202, DMZ server 203, LAN 1:1
pc 204...

I believe the card I put in for the WAN (xl0) is a 3com 905c-tx.  Could it
be that this card can't do what I ask of it?

-Rob


----- Original Message ----- 
From: "Robert Staph" <rstaph at digitalimpreza dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, June 08, 2004 2:30 PM
Subject: [m0n0wall] Strange difference between pb26r614-45xx and
1.1b12-generic-pc


> I've got a soekris 4501 currently performing routing for my network.
>
> I'm trying to put up a generic pc version of m0n0wall on a system with 3
> network cards (2 from 1 manuf, 1 from another if it matters) to replace
the
> soekris system so I can put the wireless part of it to use with the new
> captive portal stuff.
>
> I'm using basically the same config (firewall, network, dhcp, etc) for
each
> but the PC version won't route in-bound traffic right.  I have a server on
> the opt1 (DMZ) interface that is configured via 1:1 for a different IP
> address than my WAN is.  I also have a PC on the LAN side that requires a
> 1:1 for another IP.  All WAN side ip addresses are in the same subnet.
>
> On the PC:  I can get to the internet, and do client type stuff fine on
the
> LAN.  I can get to the internet, and do client type stuff fine on the DMZ.
> I can SSH to the server on the DMZ from the LAN.  I can't SSH, HTTP, FTP,
> DNS, to the server on the DMZ from anywhere outside my network (using the
> 1:1 outside address).  I also can't do DNS lookups from LAN to the DMZ
> server.  My DMZ server is dead to the outside world, as is the other 1:1
> machine that I have configured (resides on the LAN side).
>
> On the Soekris:  Everything works how I want.
>
> The only real differences from looking at the two config.xml's is the name
> of the interfaces and the lack of a wireless interface that is on the
> soekris.  Otherwise everything else is exactly the same (firewall rules,
> NATs, PPTP, DHCP, etc).
>
> I'm probably missing something rather simple, but I went through all the
> webgui screens and aside from the version based differences, the
> configuration between these two installations is the same.  Any ideas
before
> I throw the PC away?
>
> -Rob
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>