[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Problem getting m0n0wall to work
 Date:  Wed, 4 Aug 2004 23:15:23 -0700 (PDT)
On Wed, 4 Aug 2004, blaue0 wrote:

> Thanks a lot. First: With crossover cable from my machine to m0n0, all 
> works fine.
> I don't know much about electronic and such stuff. I don't know if my 
> switch is grounded correctly, but I think it's not.

Grounding is irrelevant for Ethernet.

If the Link Status LEDs come on on both ends, then you have the right kind
of cable.  That deosn't rule out subtler problems, but most of the time
that's an adequate test.

> I know, that I have to use https instead of http with HTTPS, but it's as 
> I said: nmap shows a completly closed firewall. Not even one port is open.

Did you remove the default "allow everything from LAN" rule?  The ruke
generator inserts its own "allow LAN HTTP" rule to keep you from getting
locked out of the GUI, but I'm not sure it's smart enough to change the
port number for HTTPS (or a nonstandard port).

> I'm not using the same IP subnet on WAN and LAN interface, the LAN is 
> 192.168.1.x and the WAN is assigned by DHCP from my cable provider.

Umm, your ISP is assigning you a 192.168.1.x address via DHCP, meaning
that *they're* doing NAT for you?  If so, you need to pick a different
subnet for the LAN.

> I can ping the box with a crossover cable (when it's directly connected 
> to my machine), but I can't if it's connected to the switch using 
> crossover or patch cable.

Beware that some switches don't notice when machines are moved from one
port to another (at least not before the entry expires, which typically
takes about 5 minutes).  You might try power-cycling the switch.

> Allan D. Piske wrote:
> >Hi, there maybe a compatibility problem with your switch and these adapters,
> >If you connect the PC to m0n0 with the crossover cable it works or not?
> >Remember that grounding can affect data communications as well, it's where
> >important that every device interconnnected in the LAN are grounded.

No, Ethernet is completely transformer-isolated and doesn't care about
grounding.  Even coax Ethernet is transformer-isolated, albeit in a more
complicated way.  The insulation involved has to be good enough to
withstand at least 1500VDC.  Unless you're using STP with the shield
grounded at both ends, you can "ground" one machine to the "hot" side of
the power line and still use Ethernet.  I'd be careful what *else* you
connected that machine to, though. :-)

					Fred Wright