[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  Aaron <lists at mycommunitynet dot net>
 Cc:  m0n0wall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Some network configuration help
 Date:  Sun, 3 Oct 2004 05:02:34 -0400
On Sat, 2 Oct 2004 23:34:24 -0700, Aaron <lists at mycommunitynet dot net> wrote:
> I think I will just map the 1:1 to IP's outside of the DHCP range. Then
> I can give people an IP to use for a "public" ip.. I haven't had to
> deal with any security problems, so accountability is not a huge
> problem as of now.

Yeah but if the guys in black suits come knocking on your door it'll
be too late.  :)

> Would I have to assign some kind of route or give the WAN port another
> IP that lies in the address range? I can't get to the DSL
> modem even though I have block private networks turned off. The WAN IP
> of the monowall is not an RFC 1918 address...it's public. How would
> mono know how to get to the dsl modem?

Ah, didn't think that through well enough.  Aside from not blocking
private networks, you'll have to give your WAN a 192.168.1.x IP
address.  As is now, it's trying to get to through your
ISP's router, which isn't going to route back to you.

Follow the instructions on this previous page to add an alias to your
WAN interface of

Then it'll work.  

> No, I mean less...it gets pretty crappy once it hits 50% utilization
> and is not good at all long before than. The ADSL is FAR better and
> will push much closer to it's limits without affecting everybody than
> the SDSL does...and it costs almost 3x as much!! I'll take the hit on
> upstream as long as the ADSL proves to be as stable.

That's a bad ISP.  I have several clients on SDSL, it's not a problem
inherent in the technology itself (which in most cases I've seen is as
solid as a T1, just takes more time to get service restored when it
(rarely) goes down)