[ previous ] [ next ] [ threads ]
 
 From:  Michael Monaghan <mmonaghan at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Priority of interfaces (LAN, WAN, OPT1)
 Date:  Sun, 12 Sep 2004 22:36:00 -0400
Andrew,

I'm not sure if this applies to m0n0wall or the underlying FreeBSD,
but some OSes will not route between private and public addresses
without some "lubrication".  Try changing the Wireless segment to a
private address range (10.x.x.x, 172.16.x.x to 172.31.x.x, or
192.168.x.x) and see if it will route then.

Background:

The RFCs encourage routers to frown upon routing between public and
private IP ranges due to all the problems it can create.

Mike


On Mon, 13 Sep 2004 03:18:51 +0100, Andrew Greenwood
<lists at silverblade dot co dot uk> wrote:
> > > However, accessing OPT1 from the LAN fails unless an outbound NAT rule
> is
> > > created specifically for it.
> > >
> >
> > You're missing a firewall rule.  You don't need NAT at all to go from
> > LAN -> OPT or vice versa, that's just routed according to the routing
> > table, as Fred mentioned.  If you put in a rule allowing LAN -> OPT1,
> > it should work.
> 
> Tried that - I couldn't access the wireless LAN from any of my machinse,
> except from the m0n0wall box itself.
> 
> Once outbound NAT was enabled, it worked.
> 
> Could it be because the wireless LAN interface is 80.10.0.x?
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>