General Questions

Hello,

I am trying to aceess my cable modem IP from inside the firewall ( according to http://wiki.m0n0.ch/wikka.php?wakka=AccessingModemOutsideFirewall )
but I does not yet work :-(


Is for that scenario - beside the advanced outbound NAT - as well a (normal) rule required?


Thank's a lot for any help!

John

Can you provide some more information about your network setup.  What are the segments? How are you using the DSL modem? Are you passing your external IP through?

Thank's markb for the reply!


The IP's of my current network are the followings:

- internal IP of m0n0wall: 192.168.0.7
- machines in my network: 192.168.0.1 / 192.168.0.2 /192.168.0.3 /
- IP of the ZyXel router (that I am trying to access) : 192.168.1.1


According to
http://wiki.m0n0.ch/wikka.php?wakka=AccessingModemOutsideFirewall
I did the following steps:

# 192.168.0.7/exec.php
# ifconfig
# ifconfig vr1 inet 192.168.2/24 alias

see screenshot:

There's another solution...

If your monowall has a free OPT interface.. just bridge it with WAN.
So if you need to check your modem just connect to the OPT.

cu, Stefan

I failed to answer markb's questions correctly. 2 try...


DSL-modem (ZyXEL P600R-D3):
- Bridge Mode
- DynDNS service/client ( from DynDNS.org )

m0n0wall:
- PPPoE
- outbound NAT ( http://wiki.m0n0.ch/wikka.php?akka=AccessingModemOutsideFirewall )


Thank you very much for any help!

John

Glad you added that other post as I was in the middle of typing a reply.
In this case, you need the second half of the document you originally linked to, the part titles "Using PPPoE or PPTP for outside IP address". I have set this up myself and got it working, so hopefully should be able to get it working.

From your second post it looks like you have looked at the first part of the document not the second.  For PPPoE you can skip the static IP part.  If you backed up your config, restore it and try again with the second part.

Ok, I created an optional OUT interface (with the WAN interface VR1) with the IP 192.168.2.0 and the 2 advanced Outbound NAT rules (normal LAN NAT and modem NAT)
but it's not yet working (to ping and access the modem behind m0n0wall. Pls see screenshots) ....


- optional Out interface: 192.168.2.0  ( is that IP ok?? )
- internal IP of m0n0wall: 192.168.0.7
- machines in my network: 192.168.0.1 / 192.168.0.2 /192.168.0.3 /
- IP of the ZyXel router (that I am trying to access) : 192.168.1.1


Any additonal help is appreciated very much!

John

Hello,

that are the 2 advanced Outbound NAT rules (normal LAN NAT and modem NAT)
(which I could - due to attachment space limitation - not attach to my last post.

John

Hi, no that IP will not work. 192.168.2.0 is a network address and not an IP address.  It also needs to be in the same subnet as your DSL modem.  I would suggest that you change it to 192.168.1.2/24 and try that.

Thank you very much markb for you help! Pinging the modem (192.168.1.1) finally works :-)

But accessing the modem with the webbrowser (http://192.168.1.1) not yet... (error message: "Protected Object"). Pls see screenshot.
As I understand, as long as no additional rules are prohibiting http-access to 192.168.1.1, it should work.. Pls see screenshot.

Any idea what I am doing wrong?


Thank you very much!

John

Looking closer at the outbound mapping for the NAT on the OUT interface, I think that the target should be 192.168.1.2 (Your interface IP)  Try this.

Now everything is working :-)

Thank you so much markb for your help!


John

No problem. Thanks for getting back and letting us know it's sorted.

One thing I forgot to ask...

Later on I would like to attach am DMZ on the third port of the ALIX 2C1 board.

Question:
Is it in this case required to add a second opt-interface (in order to be able to access the DSL modem behind m0n0wall from the internal- AND the DMZ-network) ?


Thank's for your help!


John

No, you will only have to add additional NAT rules for the DMZ