HELP: Can Monowall do both NAT and public IP routing at the same time?

From:	"Steve Discher" <steve at acsfiber dot com>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	HELP: Can Monowall do both NAT and public IP routing at the same time?
Date:	Tue, 12 Oct 2004 09:42:15 -0500

I would like to multinet the LAN interface of the monowall router using both
routable and private subnets.  

I set it up as follows:
 
WAN: Routable Static IP
LAN: Private IP 192.168.10.1  (on a /24 subnet)
OPT3: VLAN1 on the physical LAN port with a public IP 12.144.201.65 (on a
/26 subnet)
 
I turned on Advanced Outbound routing and added a rule for outbound NAT on
the LAN interface like this:

Interface	 Source	 	Destination	    Target

WAN 		192.168.10.0/24 	* 			* 	

I added a firewall rule for the OPT3 interface like:

Proto Source 	Port Destination 		Port  
  *  	OPT3 net  	*  	*  			*  

And the LAN interface like:
Proto Source 	Port Destination 		Port  
  *  	LAN net  	*  	*  			*  

The private subnet works fine and I can ping the OPT3 interface from the
outside but none of the hosts on the OPT3 subnet.  A traceroute to a host on
the OPT3 subnet stops at the WAN.  What am I doing wrong?


You can see the output of my status.php here:

http://12.144.195.21/status.php


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.774 / Virus Database: 521 - Release Date: 10/7/2004