On Sun, 12 Sep 2004, Andrew Greenwood wrote:
> Ok so I have a m0n0wall box with LAN, WAN and OPT1 (wireless) interfaces
> Accessing anything on the LAN from the LAN is fine, as it doesn't go thru
> the m0n0wall box.
> Accessing the WAN from the LAN works fine, too.
> However, accessing OPT1 from the LAN fails unless an outbound NAT rule is
> created specifically for it.
> I'm thinking maybe m0n0wall checks WAN first to see if it can access the IP
> over that interface, before attempting OPT1?
It just goes by the routing tables. In a sense, it "checks the WAN"
*last*, because most routing to WAN (except for an address that happens to
lie within the WAN interface's subnet) is via the default gateway. OPT1
will autmatically get a routing entry for its subnet, but if you need to
reach other IPs via that interface, you need a static route.
Just do a "netstat -rn" to see what your routing tables look like.