Installation

hi.

monowall 1.3b9 cd version, floppy store config, celeron 333 2 network cards and trying to get a handle on this.

lan ip is 192.168.1.40.  Wan is 192.168.1.10

internet 213.1.215.xxx > adsl modem+nat+firewall 192.168.1.1 > monowall static wan 192.168.1.10 gw 192.168.1.1 > switch > pc's  192.168.1.2

I can ping any lan ip address, cant ping mono wall wan 192.168.1.10 (thought I should be able to as per monowall fault finding diagram in some doumentation somewhere!) can ping 192.168.1.1.

Am i causing problem with this setup?  eventually want to bridge adsl modem and have monowall do it all.  If i put modem into bridge mode can i still connect to 192.168.1.1 for access and control via monowall?

have normal lan rule allow everything going out, but created a wan rule allowing everything. doesnt seem to do that job.

both interfaces are up 100 meg ok with lan ip 192.168.1.40 and wan as 192.168.1.10.

dhcp server in modem is active 192.168.1.10 to 192.168.1.250 so this should assign an ip address to the wan interface i thoought..


hmmm so much to learn. any advice or ideas please?

Minsik... so new im green!

m0n0wall is a ROUTER.  You LAN and WAN are configured to use the same network subnet.  Think about it.  How can your m0n0wall possibly ROUTE packets?  It's like getting into a cab in front of your home and asking the cab driver to take you to your home address.

CS...

so the wan will be the assigned ip address 213.2.xxx.xxx ?
Me confused!

internet > 123.2.xxx.xxx (assigned ip by isp) > modem needs ip address  on its lan in bridge mode? How can i connect to configure it after i change it? >  123.2.xxx.xxx monowall 192.168.1.40 > PC's on 192.168.1.xxx range.

sorry if this is not clear. But i am not clear.

 so id adsl modem is working as normal i need to change 192.168.1.1 to 192.168.2.1 for example? then monowall gate way will be 192.168.2.1 ?  then monowal roures packets to 192.168.1.xxx subset?

1. set your DSL modem to bridge mode.
2. set m0n0wall's WAN to Static, DHCP or PPPoE depending on your ISP.
3. set m0n0wall's LAN IP to 192.168.n.1 (it's best not to use 1 for n).
4. set m0n0wall's DHCP server for something like 192.168.n.100 to 192.168.n.199

that should get you going. if not, reset your m0n0wall config to default and start over at step 2.

CS...

thank you kindly, will gave that a go.

I was trying to have a current working setup

internet >  215.2.xxx.xxx adsl modem 192.168.1.1 > PC's

Changing things minimally then add monowall, so if problems I could bypass it or go back with as little change as possible. But it seems its change nearly everything to make it work at all.

thanks again.

you can configure it to work without bridging but you loose a lot of functionality and you will be double nating and that will sometimes cause connection problems.

1. set m0n0wall's WAN to DHCP.
2. set m0n0wall's LAN to 192.168.10.1
3. set m0n0wall's DHCP server to 192.168.10.100 - 192.168.10.199

CS...

Sorry again i am very thick!   

1) I set the adsl modem to bridged mode.  eventually made that stick.  ppp light on adsl is out as its just bridging mode. This looks ok  as I expect.
2) I set the ethernet lan address on the adsl modem lan-group 1. Set to 192.168.2.1  and  not as originally 192.168.1.1 (its the only way i can connect a PC to the configure the adsl modem, I need some sort of connection to get a PC to connect here in case it all doesnt work as it didnt!) When it was 192.168.1.1 that was the gateway that each pc connected to to get to the internet.  And with monowall address as 192.168.1.1 thats where the Pc's should contact to go out to the internet. 

3) I set monowall ip to 192.168.1.1
4) I set mono wall to use pppoe connection, set username and password ok
5) goto interfaces, see eth connection is up and a connect button. press connect button but wont connect.

I still cant figure out why monowall is not somehow connecting to 192.168.2.1 and where thats inserted, as thats what would be on the lan interface of the adsl modem!

and where does the 123.2.xxx.xxx static assigned ip address come into the system.  Do i need to set that somewhere in monowall

I tried all ppoe methods i could think of. Still couldnt get a connection from monowall to the adsl modem. link is up but wont connect.

If you are using Win-XP or some other OS the has a built-in PPPoE client, set your DSL modem for bridged mode and connect it directly to you PC (use a crossover cable if necessary).  Now run Windows "New Connection Wizard" and select: "Connect to the Internet" --- "Connect using a broadband connection that requires a user name and password".

If you can't get that to work properly, the problem is most likely your modem/bridging configuration.  Once you get this to work, switch back to your m0n0wall.

CS...

Thanks so much CS,  its working!


00000000000000000000000000000000000000000000000I tried the pppoe in windows xp and it didnt work.  I had to revert back to my original fw on the adsl modem as ther emust have been something weird as it would not connect in bridge mode at all!
after reverting to the old firmware and doing the connection ok win windows (boy that brings back modem memories!) i then ran monowall and whooosh it works now. Great stuff thanks for the guidance.

At this point there is just the outgoing rule that allows everything out and wan nothing in.

I will need to a voip rule so that will probable be one of the first things but as far as i can see rules etc will not require rebooting.

I can now see the wan interface has all the connection details on it and has the static ip address with a disconnect button. Does this reconnect on disconnection as i think the isp does a resync one a day overnight and often disconnects?

Also  simple port forwarding for email server 25 and 110 in in the list somewhere.

If i need to configure the adsl modem then i need to swap to the other ip range and plug directly into the modem (does this sound right?)

anyway thanks again mate.

Minsik.

oh yes one further question now its working.

can i revert the adsl modem lan ip address back to 192.168.1.100 for instance as it apears that monowall didnt need or use the 192.168.2.1 address anywhere i can see. also the 192.168.2.1 is only  on the 4ports adsl modem where only 1 is connected staight into the monowall extrernal address nic.
at least back in the ip range 192.168.1.xx i dont have to change the pc ip over everytime. just have to swap the pc cable directly into the back of the adsl modem, a little bit easier.