Re: [m0n0wall] Re: Unable to ping DMZ host from LAN

From:	"Rodman Frowert" <frowertr at i dash 1 dot net>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Re: Unable to ping DMZ host from LAN
Date:	Thu, 9 Sep 2004 08:39:59 -0500

I wrote:

> Something is really weird here.
>
> After I did a factory reset, I was immediately able to ping every device 
> in the DMZ.  However after I added my first rule to the DMZ interface 
> which was "allow TCP from DMZ from * port  to NOT LAN to destination port 
> 80" so that I could try out surfing on the DMZ, all of a sudden, I could 
> no longer ping the DMZ from the LAN.  So I took the rule back out and I 
> still can't ping the DMZ.  Something appears broke somewhere.  I haven't 
> added any other rules on the than the one above and it broke on that one. 
> I took it out and it is still broke...
>
> This is really strange.  It is almost like when I add a rule to the DMZ, 
> it appears to be break the routing tables for some reason.  But even after 
> I take it out again, it still appears broken.
>
> I am at a loss.
>
> Rodman

UPDATE!  Well I decided I would try swapping interfaces around in the back 
of the m0n0 box to see if that did anything.  Whatdoyouknow...  It worked 
like a charm.  I simply swapped the WAN and LAN cables around on the m0n0 
box's NICs and then reset back to factory.  Everything works perfectly now. 
I have no idea why that would cause a problem.  Two of the NICs are exactly 
the same kind while the other one is a different brand.  Perhaps that was 
causing a problem.  Whatever it is, it is solved.  I can ping and talk to 
anything in the DMZ.  I guess this is good information to know incase this 
should happen to someone in the future.

Thank you so much for everyone's help.  You guys are a great wealth of 
knowledge!  I'll will be hanging around this list for a while.