|
osdir.com mailing list archive |
|
Subject: DSL (PPPoE) Connection problems - msg#00137List: security.firewalls.m0n0wallMy ISP is Bellsouth.net and I'm subscribed to 3mbit/384kbit service and seem to be able to reach maximum speeds without problems. I don't appear to have these connection issues with the modem hooked directly into my XP Pro machine using its integrated PPPoE protocol. Here's a m0n0wall log from the point at which it indicates problems, all the way until it establishes a working connection again: http://bellsouthpwp.net/d/i/diehlr/m0n0wall.txt I'm on digest, so replies won't be seen until later tonight, thanks! -Rob Diehl Thread at a glance:
Previous Message by Date: click to view message previewRe: Problem getting m0n0wall to workWhen the m0n0wall device is hooked up to your cable/dsl modem can you ping your gateway from the exec.php page? -Rob ----- Original Message ----- From: "blaue0" <me@xxxxxxxxxx> To: "Graham Dunn" <gdunn@xxxxxxxxxxxxx> Cc: <m0n0wall@xxxxxxxxxxxxx> Sent: Thursday, August 05, 2004 1:10 PM Subject: Re: [m0n0wall] Problem getting m0n0wall to work > Yes that's all correct. > > I've changed the configuration as you said. If I ping the box when it's > connected to the switch using a patch cable, the LED is flickering in a > regularly time (one time per second). I think the packets arrive a the > box, but it seams that the box doesn't accept these.. > > Graham Dunn wrote: > > >On Thu, Aug 05, 2004 at 06:34:48PM +0200, blaue0 wrote: > > > > > >>Yes, I do. > >> > >> > > > >OK, so to summarize: > > > >- sis0 on the m0n0wall works when you plug a crossover cable between it > > and the gentoo box. > > > >- sis0 won't work when you plug it into a switch. > > > >- the patch cable is known good. > > > >- the switch ports work (tested between laptop and gentoo). > > > >What's the WAN interface on your m0n0box? Can you swap the LAN and WAN > >interfaces and see if that works? > > > >Graham > > > > > > > >>Graham Dunn wrote: > >> > >> > >> > >>>On Thu, Aug 05, 2004 at 03:56:44PM +0200, blaue0 wrote: > >>> > >>> > >>> > >>> > >>>>If I run your commands and put in the cable to the switch, I get no > >>>>connection, no LEDs are green, no flickering, nothing. > >>>>No matter if half or fullduplex... > >>>> > >>>> > >>>> > >>>> > >>>You're replacing the cross over with a normal patch when you do that, > >>>right? > >>> > >>> > >>> > >>> > >>> > >>>>Graham Dunn wrote: > >>>> > >>>> > >>>> > >>>> > >>>> > >>>>>On Thu, Aug 05, 2004 at 03:01:21PM +0200, blaue0 wrote: > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>>I'm using a noname-switch which can do 10 and 100mbit fullduplex. All > >>>>>>ports are ok, I get a ping from my laptop to my gentoo machine on all > >>>>>>ports (just tested). > >>>>>> > >>>>>>If I ping the m0n0wall when it's directly connected to the switch, all > >>>>>>LEDs of the switch where a computer is connected to, begin to flicker > >>>>>>(I think this is because no port wants to accept the packet..) > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>All ports flickering usually means broadcast traffic. > >>>>> > >>>>>My guess is that the sis card in the m0n0wall isn't negotiating > >>>>>correctly with the switch. > >>>>> > >>>>>So, connect the m0n0 to your gentoo directly with a cross over cable, > >>>>>go to http://m0n0-ip/exec.php and > >>>>> > >>>>>ifconfig sis0 media 100BaseTX mediaopt full-duplex > >>>>> > >>>>>Then unplug the cross over, and plug both machines into the switch. > >>>>> > >>>>>If that doesn't work, try > >>>>> > >>>>>... mediaopt half-duplex > >>>>> > >>>>>If things are happy then, you'll have to edit your config to make that > >>>>>change permanent. > >>>>> > >>>>>See > >>>>>http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=43&actionargs[]= 58 > >>>>>on how to download your config file, edit and then restore it. > >>>>> > >>>>>The ifconfig ... part will what you'll insert between > >>>>><shellcmd>...</shellcmd> tags. > >>>>> > >>>>>Graham > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>>I used the switch for over a half year now, and I didn't had any > >>>>>>problems. I'm sure it has autosense for the speed. > >>>>>> > >>>>>># netstat -nr > >>>>>>Kernel IP routing table > >>>>>>Destination Gateway Genmask Flags MSS Window > >>>>>>irtt Iface > >>>>>>192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 > >>>>>>0 eth0 > >>>>>>127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 > >>>>>>0 lo > >>>>>>0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 > >>>>>>0 eth0 > >>>>>> > >>>>>>Graham Dunn wrote: > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>>>On Thu, Aug 05, 2004 at 02:47:14PM +0200, blaue0 wrote: > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>>># mii-tool eth0 > >>>>>>>>eth0: negotiated 100baseTx-FD, link ok > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>What type of switch are you using? > >>>>>>> > >>>>>>>When box machines are plugged into the switch, and you ping the > >>>>>>>m0n0wall, do the traffic lights on the switch flicker? > >>>>>>> > >>>>>>>Did you say you've used this switch with other machines and had it > >>>>>>>work? > >>>>>>> > >>>>>>>What's the default route (netstat -nr) on your gentoo box? > >>>>>>> > >>>>>>>Graham > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>>>Graham Dunn wrote: > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>>>On Thu, Aug 05, 2004 at 02:34:35PM +0200, blaue0 wrote: > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>>>Ok, I think it's time for some debug output: > >>>>>>>>>> > >>>>>>>>>>IP configuration of my NIC on my Gentoo machine: > >>>>>>>>>> > >>>>>>>>>># ifconfig eth0 > >>>>>>>>>>eth0 Link encap:Ethernet HWaddr 00:30:4F:2B:32:D8 > >>>>>>>>>> inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 > >>>>>>>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > >>>>>>>>>> RX packets:66308 errors:0 dropped:0 overruns:0 frame:0 > >>>>>>>>>> TX packets:56775 errors:0 dropped:0 overruns:0 carrier:0 > >>>>>>>>>> collisions:0 txqueuelen:1000 > >>>>>>>>>> RX bytes:63189031 (60.2 Mb) TX bytes:4926310 (4.6 Mb) > >>>>>>>>>> Interrupt:10 Base address:0xac00 > >>>>>>>>>> > >>>>>>>>>>and IP configuration of my m0n0wall: > >>>>>>>>>> > >>>>>>>>>>$ ifconfig sis0 > >>>>>>>>>>sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > >>>>>>>>>> inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 > >>>>>>>>>> ether 00:0d:b9:00:76:7c > >>>>>>>>>> media: Ethernet autoselect (100baseTX <full-duplex>) > >>>>>>>>>> status: active > >>>>>>>>>> > >>>>>>>>>>I really think the IP config is ok. > >>>>>>>>>>When I say all ok, I mean I can browse the web, send emails etc.. > >>>>>>>>>>(Traffic flows). > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>What does > >>>>>>>>> > >>>>>>>>>mii-tool eth0 > >>>>>>>>> > >>>>>>>>>on your gentoo say? I wonder if there's a port auto-negotiation > >>>>>>>>>wierdness happening? > >>>>>>>>> > >>>>>>>>>You may have to force your gentoo eth0 to 100BaseT full-duplex. > >>>>>>>>> > >>>>>>>>>Graham > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>>>Graham Dunn wrote: > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>>>On Wed, Aug 04, 2004 at 11:08:42PM +0200, blaue0 wrote: > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>>>Thanks a lot. First: With crossover cable from my machine to > >>>>>>>>>>>>m0n0, all works fine. > >>>>>>>>>>>>I don't know much about electronic and such stuff. I don't know > >>>>>>>>>>>>if my switch is grounded correctly, but I think it's not. > >>>>>>>>>>>> > >>>>>>>>>>>>I know, that I have to use https instead of http with HTTPS, but > >>>>>>>>>>>>it's as I said: nmap shows a completly closed firewall. Not even > >>>>>>>>>>>>one port is open. > >>>>>>>>>>>> > >>>>>>>>>>>>I'm not using the same IP subnet on WAN and LAN interface, the > >>>>>>>>>>>>LAN is 192.168.1.x and the WAN is assigned by DHCP from my cable > >>>>>>>>>>>>provider. > >>>>>>>>>>>> > >>>>>>>>>>>>I can ping the box with a crossover cable (when it's directly > >>>>>>>>>>>>connected to my machine), but I can't if it's connected to the > >>>>>>>>>>>>switch using crossover or patch cable. > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>Switch <-> machine connections will never use a crossover cable > >>>>>>>>>>>(unless > >>>>>>>>>>>the port on the switch says MDI-X, in which case you should use > >>>>>>>>>>>another > >>>>>>>>>>>port). Link lights will come on regardless of if you're using a > >>>>>>>>>>>straight-through, or crossover, so that's not a reliable > >>>>>>>>>>>diagnostic. > >>>>>>>>>>> > >>>>>>>>>>>Your cables are known good, right (I think you mentioned using > >>>>>>>>>>>them with > >>>>>>>>>>>a windows ICS setup). > >>>>>>>>>>> > >>>>>>>>>>>Make sure your machine is in the same subnet as the m0n0wall. > >>>>>>>>>>>Double > >>>>>>>>>>>check the IP and subnet settings on both the client and the > >>>>>>>>>>>m0n0wall. > >>>>>>>>>>> > >>>>>>>>>>>Make sure you're plugging the NIC you think you are into the > >>>>>>>>>>>switch (LAN > >>>>>>>>>>>vs WAN). I've made this mistake, most annoying :/ > >>>>>>>>>>> > >>>>>>>>>>>When you say "all works fine" above, do you mean that you can send > >>>>>>>>>>>traffic through the m0n0wall, or just ping it? If traffic flows, > >>>>>>>>>>>then it > >>>>>>>>>>>sounds like purely a cabling issue, or a broken switch port. > >>>>>>>>>>> > >>>>>>>>>>>Graham > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>>>Allan D. Piske wrote: > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>>>Hi, there maybe a compatibility problem with your switch and > >>>>>>>>>>>>>these adapters, > >>>>>>>>>>>>>If you connect the PC to m0n0 with the crossover cable it works > >>>>>>>>>>>>>or not? > >>>>>>>>>>>>>Remember that grounding can affect data communications as well, > >>>>>>>>>>>>>it's where > >>>>>>>>>>>>>important that every device interconnnected in the LAN are > >>>>>>>>>>>>>grounded. > >>>>>>>>>>>>>If PC-m0n0 works, and PC-SWITCH-m0n0 doesnt, or your switch is > >>>>>>>>>>>>>broken, or > >>>>>>>>>>>>>you have a serious grounding problem or it's simple ethernet > >>>>>>>>>>>>>adapter/switch > >>>>>>>>>>>>>imcompatibility ( did i wrote that right? ) > >>>>>>>>>>>>> > >>>>>>>>>>>>>got it? > >>>>>>>>>>>>> > >>>>>>>>>>>>>sorry about my english too, it's not my primary language. > >>>>>>>>>>>>> > >>>>>>>>>>>>>regards, > >>>>>>>>>>>>> > >>>>>>>>>>>>>Allan. > >>>>>>>>>>>>> > >>>>>>>>>>>>>----- Original Message ----- > >>>>>>>>>>>>>From: "blaue0" <me@xxxxxxxxxx> > >>>>>>>>>>>>>To: <m0n0wall@xxxxxxxxxxxxx> > >>>>>>>>>>>>>Sent: Wednesday, August 04, 2004 5:16 PM > >>>>>>>>>>>>>Subject: Re: [m0n0wall] Problem getting m0n0wall to work > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>>>Yes, I'm sure that they are good, I get a connection with these > >>>>>>>>>>>>>>cables > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>from my machine. > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>>>Unfortunately I don't have any hub or something like that. > >>>>>>>>>>>>>>It does light up on the switch with both cables, with both > >>>>>>>>>>>>>>cables > >>>>>>>>>>>>>>the light on the switch does flicker a bit... don't know if > >>>>>>>>>>>>>>this is > >>>>>>>>>>>>>>important. > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>I really know the difference between a crossover and a patch > >>>>>>>>>>>>>>cable :) > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>You said, pinging is disabled by default. If my machine is > >>>>>>>>>>>>>>connectet to > >>>>>>>>>>>>>>the m0n0 by crossover cable, then I get a ping to it. Browsing > >>>>>>>>>>>>>>to the > >>>>>>>>>>>>>>webinterface doesn't work at all with both cables... > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>Seth Rothenberg wrote: > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>>Are you sure that all the cables you tried are good? > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>Do you have any other test equipment available? > >>>>>>>>>>>>>>>eg, a hub, with or without an uplink.... > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>the PC engines should light up a port on the hub > >>>>>>>>>>>>>>>with one cable or the other. > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>You didn't mention if you are knowledgable about > >>>>>>>>>>>>>>>cables. You can check by eye if it is a crossover. > >>>>>>>>>>>>>>>If the orange and/or green are reversed from one > >>>>>>>>>>>>>>>end to the other, it is crossover. > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>You can test 2 crossover cables with a coupler > >>>>>>>>>>>>>>>on a regular cable run. > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>>These are just some ideas to try... > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>> > >>>>>>>>>>>>>>-------------------------------------------------------------- ------- > >>>>>>>>>>>>>>To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx > >>>>>>>>>>>>>>For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>Esta mensagem foi verificada pelo E-mail Protegido Terra. > >>>>>>>>>>>>>>Scan engine: VirusScan / Atualizado em 04/08/2004 / Vers?o: > >>>>>>>>>>>>>>1.5.2 > >>>>>>>>>>>>>>Proteja o seu e-mail Terra: > >>>>>>>>>>>>>>http://www.emailprotegido.terra.com.br/ > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>E-mail classificado pelo Identificador de Spam Inteligente > >>>>>>>>>>>>>>Terra. > >>>>>>>>>>>>>>Para alterar a categoria classificada, visite > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>http://www.terra.com.br/centralunificada/emailprotegido/imail/i mail.cgi?+_u=zyryz&_l=1091650706.438850.21046.gravatal.terra.com.br > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>> > >>>>>>>>>>>>---------------------------------------------------------------- ----- > >>>>>>>>>>>>To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx > >>>>>>>>>>>>For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>----------------------------------------------------------------- ---- > >>>>>>>>>>>To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx > >>>>>>>>>>>For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>-------------------------------------------------------------------- - > >>>>>>>>To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx > >>>>>>>>For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>--------------------------------------------------------------------- > >>>>>To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx > >>>>>For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>> > >>> > >>> > >>> > >>> > > > > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx > For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > > Next Message by Date: click to view message previewRe: Problem getting m0n0wall to workThe cable modem is connected with a patch ethernet cable directly to the wall. The wall is connected with a crossover ethernet cable directly to my Gentoo machine, hope this is what you meant. PING 217.162.240.1 (217.162.240.1): 56 data bytes 64 bytes from 217.162.240.1: icmp_seq=0 ttl=255 time=5.153 ms 64 bytes from 217.162.240.1: icmp_seq=1 ttl=255 time=6.567 ms 64 bytes from 217.162.240.1: icmp_seq=2 ttl=255 time=6.848 ms --- 217.162.240.1 ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/stddev = 5.153/6.189/6.848/0.742 ms Robert Staph wrote: When the m0n0wall device is hooked up to your cable/dsl modem can you ping your gateway from the exec.php page? -Rob ----- Original Message ----- From: "blaue0" <me@xxxxxxxxxx> To: "Graham Dunn" <gdunn@xxxxxxxxxxxxx> Cc: <m0n0wall@xxxxxxxxxxxxx> Sent: Thursday, August 05, 2004 1:10 PM Subject: Re: [m0n0wall] Problem getting m0n0wall to work Yes that's all correct. I've changed the configuration as you said. If I ping the box when it's connected to the switch using a patch cable, the LED is flickering in a regularly time (one time per second). I think the packets arrive a the box, but it seams that the box doesn't accept these.. Graham Dunn wrote: On Thu, Aug 05, 2004 at 06:34:48PM +0200, blaue0 wrote: Yes, I do. OK, so to summarize: - sis0 on the m0n0wall works when you plug a crossover cable between it and the gentoo box. - sis0 won't work when you plug it into a switch. - the patch cable is known good. - the switch ports work (tested between laptop and gentoo). What's the WAN interface on your m0n0box? Can you swap the LAN and WAN interfaces and see if that works? Graham Graham Dunn wrote: On Thu, Aug 05, 2004 at 03:56:44PM +0200, blaue0 wrote: If I run your commands and put in the cable to the switch, I get no connection, no LEDs are green, no flickering, nothing. No matter if half or fullduplex... You're replacing the cross over with a normal patch when you do that, right? Graham Dunn wrote: On Thu, Aug 05, 2004 at 03:01:21PM +0200, blaue0 wrote: I'm using a noname-switch which can do 10 and 100mbit fullduplex. All ports are ok, I get a ping from my laptop to my gentoo machine on all ports (just tested). If I ping the m0n0wall when it's directly connected to the switch, all LEDs of the switch where a computer is connected to, begin to flicker (I think this is because no port wants to accept the packet..) All ports flickering usually means broadcast traffic. My guess is that the sis card in the m0n0wall isn't negotiating correctly with the switch. So, connect the m0n0 to your gentoo directly with a cross over cable, go to http://m0n0-ip/exec.php and ifconfig sis0 media 100BaseTX mediaopt full-duplex Then unplug the cross over, and plug both machines into the switch. If that doesn't work, try ... mediaopt half-duplex If things are happy then, you'll have to edit your config to make that change permanent. See http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=43&actionargs[]= 58 on how to download your config file, edit and then restore it. The ifconfig ... part will what you'll insert between <shellcmd>...</shellcmd> tags. Graham I used the switch for over a half year now, and I didn't had any problems. I'm sure it has autosense for the speed. # netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 Graham Dunn wrote: On Thu, Aug 05, 2004 at 02:47:14PM +0200, blaue0 wrote: # mii-tool eth0 eth0: negotiated 100baseTx-FD, link ok What type of switch are you using? When box machines are plugged into the switch, and you ping the m0n0wall, do the traffic lights on the switch flicker? Did you say you've used this switch with other machines and had it work? What's the default route (netstat -nr) on your gentoo box? Graham Graham Dunn wrote: On Thu, Aug 05, 2004 at 02:34:35PM +0200, blaue0 wrote: Ok, I think it's time for some debug output: IP configuration of my NIC on my Gentoo machine: # ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:30:4F:2B:32:D8 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:66308 errors:0 dropped:0 overruns:0 frame:0 TX packets:56775 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:63189031 (60.2 Mb) TX bytes:4926310 (4.6 Mb) Interrupt:10 Base address:0xac00 and IP configuration of my m0n0wall: $ ifconfig sis0 sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 ether 00:0d:b9:00:76:7c media: Ethernet autoselect (100baseTX <full-duplex>) status: active I really think the IP config is ok. When I say all ok, I mean I can browse the web, send emails etc.. (Traffic flows). What does mii-tool eth0 on your gentoo say? I wonder if there's a port auto-negotiation wierdness happening? You may have to force your gentoo eth0 to 100BaseT full-duplex. Graham Graham Dunn wrote: On Wed, Aug 04, 2004 at 11:08:42PM +0200, blaue0 wrote: Thanks a lot. First: With crossover cable from my machine to m0n0, all works fine. I don't know much about electronic and such stuff. I don't know if my switch is grounded correctly, but I think it's not. I know, that I have to use https instead of http with HTTPS, but it's as I said: nmap shows a completly closed firewall. Not even one port is open. I'm not using the same IP subnet on WAN and LAN interface, the LAN is 192.168.1.x and the WAN is assigned by DHCP from my cable provider. I can ping the box with a crossover cable (when it's directly connected to my machine), but I can't if it's connected to the switch using crossover or patch cable. Switch <-> machine connections will never use a crossover cable (unless the port on the switch says MDI-X, in which case you should use another port). Link lights will come on regardless of if you're using a straight-through, or crossover, so that's not a reliable diagnostic. Your cables are known good, right (I think you mentioned using them with a windows ICS setup). Make sure your machine is in the same subnet as the m0n0wall. Double check the IP and subnet settings on both the client and the m0n0wall. Make sure you're plugging the NIC you think you are into the switch (LAN vs WAN). I've made this mistake, most annoying :/ When you say "all works fine" above, do you mean that you can send traffic through the m0n0wall, or just ping it? If traffic flows, then it sounds like purely a cabling issue, or a broken switch port. Graham Allan D. Piske wrote: Hi, there maybe a compatibility problem with your switch and these adapters, If you connect the PC to m0n0 with the crossover cable it works or not? Remember that grounding can affect data communications as well, it's where important that every device interconnnected in the LAN are grounded. If PC-m0n0 works, and PC-SWITCH-m0n0 doesnt, or your switch is broken, or you have a serious grounding problem or it's simple ethernet adapter/switch imcompatibility ( did i wrote that right? ) got it? sorry about my english too, it's not my primary language. regards, Allan. ----- Original Message ----- From: "blaue0" <me@xxxxxxxxxx> To: <m0n0wall@xxxxxxxxxxxxx> Sent: Wednesday, August 04, 2004 5:16 PM Subject: Re: [m0n0wall] Problem getting m0n0wall to work Yes, I'm sure that they are good, I get a connection with these cables from my machine. Unfortunately I don't have any hub or something like that. It does light up on the switch with both cables, with both cables the light on the switch does flicker a bit... don't know if this is important. I really know the difference between a crossover and a patch cable :) You said, pinging is disabled by default. If my machine is connectet to the m0n0 by crossover cable, then I get a ping to it. Browsing to the webinterface doesn't work at all with both cables... Seth Rothenberg wrote: Are you sure that all the cables you tried are good? Do you have any other test equipment available? eg, a hub, with or without an uplink.... the PC engines should light up a port on the hub with one cable or the other. You didn't mention if you are knowledgable about cables. You can check by eye if it is a crossover. If the orange and/or green are reversed from one end to the other, it is crossover. You can test 2 crossover cables with a coupler on a regular cable run. These are just some ideas to try... -------------------------------------------------------------- ------- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx Esta mensagem foi verificada pelo E-mail Protegido Terra. Scan engine: VirusScan / Atualizado em 04/08/2004 / Vers?o: 1.5.2 Proteja o seu e-mail Terra: http://www.emailprotegido.terra.com.br/ E-mail classificado pelo Identificador de Spam Inteligente Terra. Para alterar a categoria classificada, visite http://www.terra.com.br/centralunificada/emailprotegido/imail/i mail.cgi?+_u=zyryz&_l=1091650706.438850.21046.gravatal.terra.com.br ---------------------------------------------------------------- ----- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx ----------------------------------------------------------------- ---- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx -------------------------------------------------------------------- - To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx Previous Message by Thread: click to view message previewFeature requestHi, I posted this before but no one responded ... I've a particular interest in a feture such like having bridge support on WAN interface, the way that i can use m0n0wall as a filtering bridge on a network .. without needing to subnetting or changing ip address. filter and traffic shapping should work fine on filtering bridge interfaces .. i already used that config using a FBSD box. Another one is .. i was doing some testing on bridging vlans but it seems that it doesn't work the way it should .. i dont know if it's m0n0wall thats buggy or fbsd ... like .. vlan1 and vlan2 both tagged on same NIC .. and a host on untagged port on vlan1 and another one on untagged port on vlan2 cannot comunicate using m0n0wall as bridge. ( I was trying to do some bandwidth limiting using that, but for some reason it doenst work for me. ) regards, Allan. Next Message by Thread: click to view message previewRe: DSL (PPPoE) Connection problemsi experience the same not solved yet, though. search for "speedtouch" in the mailing list archive. a few people gave suggestions on how to solve that, but i still have my soekris off and i can't run this thing it looks like the main problem (to me, at least) is that the IP provided by the ISP dhcp server resides on a network, but the gateway ip is external to this network. i hook windows XP to the router and it works fine mac OS X works great, i'd say piece of cake Fedora works, u just need to add a route to the network and set the default gw looks like freebsd kernels can't accept this thing, and if u try adding the routes manually it works for half a second and then dies. really can't explain, but i gave up untilf further notice (or m0n0 update to overcome this issue) wish u good luck (u'll need much if your case is like mine) ciao.ubi On Aug 5, 2004, at 7:23 PM, Rob Diehl wrote: I am having problems with my DSL connection hanging and restarting with m0n0wall running on a Soekris 4521. My DSL router is an older Alcatel Speedtouch Home. My ISP is Bellsouth.net and I'm subscribed to 3mbit/384kbit service and seem to be able to reach maximum speeds without problems. I don't appear to have these connection issues with the modem hooked directly into my XP Pro machine using its integrated PPPoE protocol. Here's a m0n0wall log from the point at which it indicates problems, all the way until it establishes a working connection again: http://bellsouthpwp.net/d/i/diehlr/m0n0wall.txt I'm on digest, so replies won't be seen until later tonight, thanks! -Rob Diehl --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx Loading Comments...
|
|
