 From:  "Quark IT - Hilton Travis" <hilton at quarkit dot com dot au>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  FW: [m0n0wall] Strangeness
 Date:  Tue, 24 Aug 2004 10:09:26 +1000
Hi All,

OK.  My bad.  I misread the OPT1 rule that said "disallow all traffic
from OPT1 to LAN" as "Allow All OPT1 traffic to anywhere but LAN".  So,
I needed more port before trying to read again!

So, problem sorted - no hardware issue, no m0n0wall issue, simply a
HiltonT misreading issue.  :)

--

Regards,

Hilton Travis                          Phone: +61 (0)7 3343 3889
(Brisbane, Australia)                  Phone: +61 (0)419 792 394
Manager, Quark IT                      http://www.quarkit.com.au
         Quark AudioVisual             http://www.quarkav.net

http://www.threatcode.com/ <-- it's now time to shame poor coders 
into writing code that is acceptable for use on today's networks

War doesn't determine who is right.  War determines who is left. 

> -----Original Message-----
> From: Quark IT - Hilton Travis [mailto:hilton at quarkit dot com dot au] 
> Sent: Friday, 20 August 2004 14:14
> 
> Hi All,
> 
> I'm stumped here.  I've played with this for a while now, but 
> seem not to be able to find rhyme nor reason for the issue I 
> have come across.
> 
> I have 2 m0n0wall systems - one here, and one at a mate's 
> place.  They are configured almost identically (mine's a 
> net4501, his is a generic PC, both running 1.1b17, and both 
> with 3 NICs) except for the IP address ranges.  Now, this box 
> here works fine - this is an OPT1 issue I have - and his 
> doesn't.  I'll explain a bit more...
> 
>                       His box:           My Box
> WAN:                  PPPoE              PPPoE
> LAN:                  192.168.0.25/24    192.168.69.254/24
> OPT1:                 172.16.0.1/24      172.16.69.254/24
> DHCP:                 OPT1 only          OPT1 only
> DNS Primary:          ISP Pri DNS        ISP Pri DNS
> DNS Secondary:        ISP Sec DNS        ISP Sec DNS
> DNS Forwarder:        Enabled            Enabled
> Allow DNS Override:   Enabled            Enabled
> 
> Now, on my box I can connect a PC to the OPT1 interface and 
> have it obtain an IP and DNS Servers, then have this machine 
> immediately ping the OPT1 interface on the firewall, and 
> browse to Google.com.au - works like a dream.
> 
> On my mate's machine, he receives his IP/DNS fine through 
> DHCP, but he cannot ping the OPT1 IP nor can he browse any 
> web sites nor can he ping outside his network.  Another 
> machine on the same hub (not switch) that has been statically 
> configured is in the same boat - and these two machines can 
> see each other perfectly, just not the m0n0wall NIC.
> 
> I have looked through every setting, and I cannot see 
> anything that would be causing this problem.  He cannot ping 
> the m0n0wall OPT1 NIC by IP, I can.  He can ping the other 
> machine on the OPT1 network by IP perfectly.  I can browse 
> past the OPT1 interface to the Internet, he cannot.
> 
> I have port forwarded port xyz to his other machine on the 
> DMZ and I can get to it - using a web browser, I can see its 
> default page.  So connectivity is kinda there, but not 
> completely there.  Weird, huh?
> 
> I'm stumped.  Any ideas?
> 
> 
> --
> 
> Regards,
> 
> Hilton Travis                          Phone: +61 (0)7 3343 3889
> (Brisbane, Australia)                  Phone: +61 (0)419 792 394
> Manager, Quark IT                      http://www.quarkit.com.au
>          Quark AudioVisual             http://www.quarkav.net
> 
> http://www.threatcode.com/ <-- it's now time to shame poor coders 
> into writing code that is acceptable for use on today's networks