[ previous ] [ next ] [ threads ]
 
 From:  Michael Monaghan <mmonaghan at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Priority of interfaces (LAN, WAN, OPT1)
 Date:  Sun, 12 Sep 2004 22:56:50 -0400
Andrew,
Check the interfaces configuration all the way at the bottom of the page:

Block private networks

Some smart person made this configurable!

Mike


On Sun, 12 Sep 2004 22:36:00 -0400, Michael Monaghan
<mmonaghan at gmail dot com> wrote:
> Andrew,
> 
> I'm not sure if this applies to m0n0wall or the underlying FreeBSD,
> but some OSes will not route between private and public addresses
> without some "lubrication".  Try changing the Wireless segment to a
> private address range (10.x.x.x, 172.16.x.x to 172.31.x.x, or
> 192.168.x.x) and see if it will route then.
> 
> Background:
> 
> The RFCs encourage routers to frown upon routing between public and
> private IP ranges due to all the problems it can create.
> 
> Mike
> 
> 
> 
> 
> On Mon, 13 Sep 2004 03:18:51 +0100, Andrew Greenwood
> <lists at silverblade dot co dot uk> wrote:
> > > > However, accessing OPT1 from the LAN fails unless an outbound NAT rule
> > is
> > > > created specifically for it.
> > > >
> > >
> > > You're missing a firewall rule.  You don't need NAT at all to go from
> > > LAN -> OPT or vice versa, that's just routed according to the routing
> > > table, as Fred mentioned.  If you put in a rule allowing LAN -> OPT1,
> > > it should work.
> >
> > Tried that - I couldn't access the wireless LAN from any of my machinse,
> > except from the m0n0wall box itself.
> >
> > Once outbound NAT was enabled, it worked.
> >
> > Could it be because the wireless LAN interface is 80.10.0.x?
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
>