|
osdir.com mailing list archive |
|
Subject: Re: NAT ip's not in LAN subnet - msg#00317List: security.firewalls.m0n0wallOn Thu, 12 Aug 2004 JSimoneau@xxxxxxxxx wrote: > the other location, he has set the gateway on their router to be > 200.1.40.93. I just want the PC's on the 200.1.41.x network to be NAT'd > through this interface to the internet. you'd need to use advanced outbound NAT for this. also, be sure that the m0n0wall can see the PCs on the 200.1.41.0/24 network and vice-versa. you may need to add a static route on the m0n0wall for this. Regards, /\_/\ "All dogs go to heaven." dinesh@xxxxxxxxxxxx (0 0) http://www.alphaque.com/ +==========================----oOO--(_)--OOo----==========================+ | for a in past present future; do | | for b in clients employers associates relatives neighbours pets; do | | echo "The opinions here in no way reflect the opinions of my $a $b." | | done; done | +=========================================================================+ Thread at a glance:
Previous Message by Date: click to view message previewRE: Reach web InterfaceYes you have to add a rule for https to your wan interface so you can get to the admin page. Mark Spieth - Director of Internet Services Northeast Ohio Digital Inc. http://www.neod.net mspieth@xxxxxxxx 330-830-6551 CONFIDENTIALITY NOTICE: The materials attached hereto are confidential and the property of the sender. The information contained in the attached materials is privileged and/or confidential and is intended only for the use of the above-named individual(s) or entity(ies). If you are not the intended recipient, be advised that any unauthorized disclosure, copying, distribution or the taking of any action in reliance on the contents of the attached information is strictly prohibited. If you have received this transmission in error, please discard the information immediately -----Original Message----- From: Eric Gregory [mailto:eric@xxxxxxxxxxxxxxxxxxxxxx] Sent: Thursday, August 12, 2004 1:06 PM Cc: m0n0wall@xxxxxxxxxxxxx Subject: [m0n0wall] Reach web Interface I have a monowall up and running. Outside interface is xxx.xxx.xxx.233 public IP with a 255.255.255.240 and inside is 192.168.0.1 with a 255.255.255.0 netmask. everything is working great except that if I try to reach the webgui which is running https from outside the network I can't get to it. Is there a change that needs to be made in the firewalls or something. I need to be able to do this from outside since I'm looking at putting Monowall in several remote locations and will need to administer from my home office. Any help is appreciated. Thanks ERic Andrew Greenwood wrote: >I recently downloaded the latest beta of m0n0wall, but am unable to upgrade >my existing one (b16) using the firmware upgrade page. It claims the image >file is corrupt on the first attempt, and then on the second attempt reboots >to its existing version. > >Any ideas? > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx >For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx Next Message by Date: click to view message previewRe: Help with configurationHello Patrik I think you just have to copy the settings of the "Default LAN -> any" rule to the other interfaces. Bridging isn't required. Patrik wrote: to configure this? I would like every computer to communicate to each other. Previous Message by Thread: click to view message previewNAT ip's not in LAN subnetGreetings, I have implemented a m0n0wall at a customer site and everything so far is good. The LAN subnet at the customer site is 200.1.40.x 24 bits. This company is part of a larger corporation, which has several sites. We have another site which is connected via a private line, which uses 200.1.41.x 24 bits. Right now, computers at 200.1.41.x can ping servers on the 200.1.40.x network, and are proxying through one of those servers (200.1.40.60) to get to the internet. They very much want to get rid of the proxy, as it is failing constantly and very unstable at this point. We want to NAT those workstations on the 200.1.41.x subnet through our router, instead of having them proxy through the 200.1.40.60 server. Can this be done? How so? I have tried some things but nothing works, and people are starting to get a little bit impatient! Any tips at all? The m0n0wall LAN interface is 200.1.40.93. According to the netadmin at the other location, he has set the gateway on their router to be 200.1.40.93. I just want the PC's on the 200.1.41.x network to be NAT'd through this interface to the internet. Many thanks, Josh Next Message by Thread: click to view message previewRE: Reach web InterfaceYes you have to add a rule for https to your wan interface so you can get to the admin page. Mark Spieth - Director of Internet Services Northeast Ohio Digital Inc. http://www.neod.net mspieth@xxxxxxxx 330-830-6551 CONFIDENTIALITY NOTICE: The materials attached hereto are confidential and the property of the sender. The information contained in the attached materials is privileged and/or confidential and is intended only for the use of the above-named individual(s) or entity(ies). If you are not the intended recipient, be advised that any unauthorized disclosure, copying, distribution or the taking of any action in reliance on the contents of the attached information is strictly prohibited. If you have received this transmission in error, please discard the information immediately -----Original Message----- From: Eric Gregory [mailto:eric@xxxxxxxxxxxxxxxxxxxxxx] Sent: Thursday, August 12, 2004 1:06 PM Cc: m0n0wall@xxxxxxxxxxxxx Subject: [m0n0wall] Reach web Interface I have a monowall up and running. Outside interface is xxx.xxx.xxx.233 public IP with a 255.255.255.240 and inside is 192.168.0.1 with a 255.255.255.0 netmask. everything is working great except that if I try to reach the webgui which is running https from outside the network I can't get to it. Is there a change that needs to be made in the firewalls or something. I need to be able to do this from outside since I'm looking at putting Monowall in several remote locations and will need to administer from my home office. Any help is appreciated. Thanks ERic Andrew Greenwood wrote: >I recently downloaded the latest beta of m0n0wall, but am unable to upgrade >my existing one (b16) using the firmware upgrade page. It claims the image >file is corrupt on the first attempt, and then on the second attempt reboots >to its existing version. > >Any ideas? > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx >For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall-unsubscribe@xxxxxxxxxxxxx For additional commands, e-mail: m0n0wall-help@xxxxxxxxxxxxx Loading Comments...
|
|
