here it the part of my config that does the trick .. works perfectly for me
..
I'm using snmp with mrtg to monitor traffic ...
<filter>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>tcp/udp</protocol>
<source>
<any/>
</source>
<destination>
<any/>
<port>161</port>
</destination>
<descr>Allow WAN SNMP</descr>
</rule>
</filter>
---------------------
try delete nat and firewall rules and recreate them ...
webgui sometimes gets buggy with the real active rules .. sometimes reboot
the system helps too.
----- Original Message -----
From: "Graeme B. Davis" <Graeme dot Davis at mci dot com>
To: "Allan D. Piske" <zyryz at zyryz dot net>; <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, September 21, 2004 4:44 PM
Subject: Re: [m0n0wall] SNMP from WAN?
removing the NAT rule had no effect... still times out when I try and
query via SNMP... any other ideas?
Thanks,
Graeme
----- Original Message -----
From: "Allan D. Piske" <zyryz at terra dot com dot br>
To: "Graeme B. Davis" <Graeme dot Davis at mci dot com>; <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, September 21, 2004 11:21 AM
Subject: Re: [m0n0wall] SNMP from WAN?
Hi,
U cant use nat to m0n0wall itself
you only need to create a firewall rule on wan interface accepting
tcp/udp
on port 161
regards,
Allan.
zyryz at zyryz dot net
----- Original Message -----
From: "Graeme B. Davis" <Graeme dot Davis at mci dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, September 21, 2004 10:07 AM
Subject: [m0n0wall] SNMP from WAN?
> I can't seem to get SNMP from the WAN side to work. I set up the
NAT
> entry along with corresponding rule, but still can't query ... any
> ideas?
>
> rdr dc0 0.0.0.0/0 port 161- 162 -> 192.168.1.1 port 161 tcp/udp/
>
> <rule>
> <interface>wan</interface>
> <protocol>tcp/udp</protocol>
> <source>
> <any/>
> </source>
> <destination>
> <address>m0n0wall</address>
> <port>161-162</port>
> </destination>
> <descr>NAT SNMP</descr>
> </rule>
> <rule>
> <protocol>tcp/udp</protocol>
> <external-port>161-162</external-port>
> <target>m0n0wall</target>
> <local-port>161</local-port>
> <interface>wan</interface>
> <descr>SNMP</descr>
> </rule>
>
>
> --------------------------------------------------------------------
-
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
> Esta mensagem foi verificada pelo E-mail Protegido Terra.
> Scan engine: VirusScan / Atualizado em 17/09/2004 / Versão: 1.5.2
> Proteja o seu e-mail Terra: http://www.emailprotegido.terra.com.br/
>
> E-mail classificado pelo Identificador de Spam Inteligente Terra.
> Para alterar a categoria classificada, visite
>
http://www.terra.com.br/centralunificada/emailprotegido/imail/imail.cgi?+_u=zyryz&_l=1095772219.41131.28678.corinto.terra.com.br
>
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.756 / Virus Database: 506 - Release Date: 8/9/2004
---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
Esta mensagem foi verificada pelo E-mail Protegido Terra.
Scan engine: VirusScan / Atualizado em 17/09/2004 / Versão: 1.5.2
Proteja o seu e-mail Terra: http://www.emailprotegido.terra.com.br/
E-mail classificado pelo Identificador de Spam Inteligente Terra.
Para alterar a categoria classificada, visite
http://www.terra.com.br/centralunificada/emailprotegido/imail/imail.cgi?+_u=zyryz&_l=1095796430.145464.18565.chui.terra.com.br | 