On Sunday, October 10, 2004, 12:21:53 AM, db at netcon dot net dot au <db at netcon dot net dot au> wrote:

dnna> I'm hoping to get some help for a problem I can't solve.  I've only used
dnna> m0n0 for one day and I'm not a real expert on routing, etc, so you'll have
dnna> to pardon my ignorance in some areas.  I connect to an ISP that routes a
dnna> small netblock to me.  I have some computers on the lan using private IP's
dnna> that are working fine, and I need to route the small netblock elsewhere,
dnna> here's what I've done so far.

dnna> Let's say the routed netblock is 203.1.2.120/30, it needs to be open to the
dnna> Internet because there's a bridge to server with its own NAT and firewall.

dnna> wan: ppoe/adsl connection.
dnna> lan: 10.10.10.0/24, all PC's can access the Internet.
dnna> opt1: ip set to 203.1.2.121/30   problem :(    203.1.2.122 is on the other
dnna> end of a wireless bridge that connects to opt1

dnna> I can ping and trace 203.1.2.121 from anywhere, but I can't ping 203.1.2.122
dnna> at all, trace from outside shows it stops at my wan ip number, trace from
dnna> the lan doesn't get anywhere.

dnna> I enabled advanced outbound NAT and entered  a rule in to make the lan work.
dnna> In the firewall I've allowed * out of opt1, and I allow anything with the
dnna> destination of 203.1.2.120/30 to come in the wan connection.

dnna> Actually, I've given myself another clue by typing that and reading it back,
dnna> but I'd still appreciate any help as I need to get this running fairly
dnna> quickly.

Have you tried using a filtered bridge by Bridging OPT1 to the WAN
interface rather than setting the IP address and turning on the
Filtering bridge checkbox on the Advanced options page ?

(BTW if you do try this, then when adding rules for the filtered bridge
it seems to work best if you add incomming packet rules to the WAN
interface and outgoing rules to the OPT1 interface)

-- 
 Matchstick
 matchstick at oofg dot com