[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Help passing traffic from LAN to OPT1
 Date:  Sat, 3 Jul 2004 17:42:29 -0700 (PDT)
On Sat, 3 Jul 2004, Dan O'Brien wrote:

> I am having similar problems to this. I have a web server attached to 
> monowall on it's own NIC, but if i don't have the 'opt1' interface binded to 
> the 'LAN' interface i can't see, ping, tracert, etc between the two 
> networks. Anything on the LAN interface works fine, i can get out to the 
> internet and vice versa, but from the 'OPT1' network i can do nothing.
> I set up firewall and NAT rules to duplicate the LAN rules on OPT1 and it 
> still doesn't work. Any suggestions. I have been following this thread very 
> closely and everything that has been suggested hasn't worked for me

You'll need to be more specific about the config, but you also need to
check things in stages.  If the interface is configured correctly, you
should be able to ping the webserver from the m0n0wall itself.  If that
doesn't work, see my note about the netmask.

Once that works, it won't make the webserver accessible from anywhere else
unless you do one of two things:

1) Configure the webserver to have the m0n0wall as the route to "anywhere
of interest", which in this configuration almost certainly measn amking
the m0n0wall its default gateway.

2) Enable NAT on the OPT1 interface.  But beware that this requires
enabling "Advanced Outbound NAT", which is *instead of* the default NAT
setup rather than *in addition to*, so you'll need to add at least one NAT
rule to restore outbound NAT on the WAN.

I suspect #1 is what you want.

					Fred Wright