Topic: Trying to configure Mono firewall with OPT Interfaces... Please help
« on: November 20, 2007, 17:06:15 »
ill_will_28311 *
Posts: 5

If anyone can help... please, it would be greatly appreciated. I have a VSAT setup and the modem from the ISP already has a DHCP server in it. I can enable it or disable it. I have Mono after it, a few switches after that, and then the hosts. The issue is I would like to use the DHCP server on the modem and use Mono as a "passthrough", just so I can use the firewall/traffic shaper ability. The reason why I want to keep the DHCP in the modem is simply because the modem is not near me at all, and if I need to reset it or do maintenance through the web GUI or telnet I cannot, because it's on a 10.11.110.xx net from the ISP and I have no clue how to configure Mono to either access that net from 192.168.22.xx or use the OPT interfaces. So why is this in the firewall section? Because I have followed the directions from chapter 14 in the Mono handbook and it seems like my firewall stuff is not right. Can someone please shed some light on this for me?
« Reply #1 on: November 23, 2007, 18:27:06 »
zeusenergy *
Posts: 10

Hello, Will.
Honestly, you should set up the modem to be a passthrough if you can; it will make it easier for the M0n0wall to do its job. But, if you want to use M0n0wall as a passthrough, you still can. Attach the modem's LAN port to the M0n0's WAN port. Leave DHCP running on the modem. Set up M0n0 to grab an internet address from the modem on WAN. Now you should be able to get into the M0n0 from a PC on the LAN side, and still access your modem's GUI.
Method #2:
Set your modem to a static LAN address and disable the DHCP server. In M0n0, set the WAN address to be on the same subnet as the modem. You should be able to access the modem's web GUI. And if the modem has special configurations for routing, you can make it route incoming connections to your M0n0's WAN address, and set up M0n0's routing to forward those connections to hosts in your LAN.
Even in passthrough mode on the modem, you should still be able to see the Web GUI from the LAN side of M0n0, as the modem GUI is being queried from the trusted side of your network on a private IP outside of the firewall (M0n0). At my office we use a firewall/router with VPN and we can still access the cable modem from our LAN as explained above.
« Reply #2 on: November 26, 2007, 23:58:39 »
ill_will_28311 *
Posts: 5

Thanks for your response. I will try that as soon as I can... One question though: can you please walk me through creating a static route in Mono? I followed the directions on the FAQ, and in the ARP table I see the IP for the modem and for the WAN port. Also, to get to the modem, am I typing in the address of the modem (e.g. 10.11.110.129) or a LAN address that would be routed? Thanks in advance!

Will
« Reply #3 on: November 27, 2007, 03:47:12 »
zeusenergy *
Posts: 10

Under Proxy ARP it states that the feature isn't needed if you are using PPPoE. So don't use it if you are DSL. Next, check the NAT section under firewall. Make sure your settings are for what you want to do. By "static route" I'm guessing that you are trying to use a server. Is this what you are trying to do? Did you set the firewall rules to pass the packets from your modified NAT?
Yes, you should be able to get to 10.11.x.x, although usually I see 10.0.x.x or 10.10.x.x networks on modems. Our cable modem is behind (untrusted WAN side) our firewall and we can get to it at 10.10.1.1, I believe. Another customer has the same configuration, although the modem IS doing routing, so the WAN in that case is bound to 10.10.1.2 or something.
 