General Questions

Hi,

We're using 1.231 on an old PII box as firewall, which connects to a switch which in turn connect to fiber optics. The box usually runs fine for weeks, then would suddenly refuse to NAT incoming connections. We have another Win2000 box under the switch, which we can VNC into without problem, so I think this is not a problem with the ISP. And via this Win2000 box we can bring up m0n0wall's admin GUI without problem, so the m0n0wall box is not dead. We can ping LAN box behind the firewall via m0n0wall's ping utility, so LAN connection seems to be fine. We can also ping ISP's gateway from the m0n0wall box. Thus every connection seems to be fine, but the NAT just refuses to work.

I wonder what should be the steps to debug this problem? Nothing interesting in the logs, and a reboot does seem to fix the problem, but sometimes it went back after a few hours of NAT. We don't have traffic shaper or anything fancy, just Inbound NAT, Server NAT, 1:1 NAT.

Thanks

I would try some newer hardware and the latest 1.3b8

i have 1.3b9 and have nat incoming pointing to port 25 and 110 for an email server. That appears to work ok for me.

Hope this is some help.

Minsik.

When it stops working, make sure you can still connect from the LAN side. If not, it's a service problem on that machine. If so, it could still be a problem with the service on the internal machine, at that point you'll need to capture the network traffic on the affected internal machine to see if the traffic is making it there. I would assume it probably does and something periodically goes wrong on the host itself.