Re: [m0n0wall] I'm a bit confused..

From:	Fred Wright <fw at well dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] I'm a bit confused..
Date:	Sun, 12 Sep 2004 14:27:04 -0700 (PDT)

(back on-list)

On Sun, 12 Sep 2004, Andrew Greenwood wrote:

> 
> > > I had a similar problem recently.
> > >
> > > The way I worked around it was to go into the NAT setup, and click on
> the
> > > "Outbound" tab, enable the outbound NAT feature and add 2 rules - one
> for
> > > IPs going to the internet, and one for IPs going to LAN1.
> > >
> > > I can't remember the exact details right now but that's hopefully a
> start!
> >
> > That's only if you're trying to NAT between the subnets.  While that's *a*
> > way of making the routing work, it's usually not the best way.
> 
> I could find no other way of doing it - I even made a firewall rule for it,
> which did nothing.
> 
> Perhaps it didn't help with the wireless network being in 80.x range!

Most likely that was because of the routing issue I described.  If the
m0n0wall isn't the default gateway for a given machine, it won't know to
use it to reach the other subnet unless it has a static routing entry.  
NAT finesses the issue by making the cross-subnet traffic appear to
originate from the m0n0wall itself, but adds (possibly) unnecessary
"mangling" of the packets.

					Fred Wright