[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DHCP on WAN + DNS issues
 Date:  Tue, 20 Jul 2004 14:05:26 -0700 (PDT)
On Mon, 19 Jul 2004, ubi de feo wrote:

> i have an ADSL over ISDN connection here in holland, with kpn.
> the adsl modem is a speedtouch 510i (1 isdn port+1 eht port).
> after ages spent on hacking the modem to have it working with DHCP 
> spoofing
> (all the dhcp data are passed to the first machine that requests them), 
> i bought a
> soekris net 4801, thinking that i could solve my problems with 
> 4801+m0n0wall
> instead of the crappy unmanageable firewall that the speedtouch has in 
> it.

If you were previously using the modem as a router, then that can cause
further confusion, especially if it's doing NAT.  You may need to change
the modem config to act more "transparently" when using a separate router.

> well...
> this was never working, mates.
> whatever machine i attach to the modem gets every piece of 
> configuration data.
> IP
> subnet
> router(gateway)
> now...
> why doesn't m0n0wall get them?
> what i get from the DHCP server is the following
> IP: 213.84.x.x
> subnet:
> router:

This is a completely illegal configuration.  The question is how another
machine *can* work with it. :-) Are you sure this is really what's coming
from the DHCP server?  And is it your ISP's DHCP server, or the one in the
modem itself?

The all-ones (/32) subnet mask is illegal, since the maximum permitted
length is 30 bits, except for a special kludge to permit 31-bit netmasks
on point-to-point links (which this isn't).

Even with a proper subnet mask, the gateway has to lie in the same subnet
as the machine's own IP, or else it isn't reachable.  Given the completely
different "IP" and "router" above, you'd have no reachable gateway with
any netmask longer than two bits.

> i also tried to configure the speedtouch as PPTP, but i don't have the 
> "provider IP" to pptp to.

You can't arbitrarily decide whether to use PPTP or not, since that
depends on your ISP.  With the SpeedTouch, it's a function of whether they
use PPPoA on their side.  If the setup works with another machine, you
should be able to look at that and see how it's configured.

I don't know where you see "provider IP", but for the PPTP/PPPoA setup
you'd specify the *modem's* IP ( by default in the ST Home, at
least) as the "Remote IP address", and some other address in the same
subnet for "Local IP address".  Make sure you change the netmask to
something more reasonable than /31 (the usual for a 10.x address would be
/8, though the common /24 would be OK as long as you use 10.0.0.x for

If the ST 510i is anything like the ST Home, it has lots of configuration
options of its own, but most ISPs tend to set things up to work with the
default config, just because it's too much trouble to explain to users how
to configure it.  If you've made changes to the modem config, it might be
desirable to reset it to the factory defaults (perhaps backing up the
configs via FTP first).

					Fred Wright