Installation

Hi,

I have a 3 subnet network in server 2003:

PUBLIC   192.168.1.x (vmware Bridged with host)
DMZ        192.168.2.x (vmware LAN seg 1)
PRIVATE  192.168.3.x (vmware LAN seg 2)

initialy the monowall vm has 2 vm nics both bridged with host I made the first one of these LAN 2 so I can make the LAN interface 192.168.3.x.

I left the other (WAN) as bridgedtohost. I set the address to static and 192.168.1.5 with g/w 192.168.1.1 which is my physical router.

But I cant ping the 192.168.1.5

here is a pic to show:

(http://img403.imageshack.us/img403/8214/kensoftvnet4.jpg)

Surely it should be on monowall

WAN = 192.168.1x
LAN = 192.168.3.x
OPT1 = 192.168.1.2x DMZ

Help please.

Cheers

Hmm...

Actually I can access the internet from the dc controller on subnet 3 (Private), and I can ping the physical router so It is actually working ok.

I just cant ping the monowall or .3 net from my host pc which is on the .1 subnet. I caould not find an option to allow/disable ping on the monowall gui, either that or something to do with static routes...

But I already have 2 static routes on the physical router that send all traffic for .2 and .3 subnets to 192.168.1.5 as gateway.

I set all pass rules (any,any,any) on wan/lan/dmz. to make monowall purely a router.

almost everything now has connectivety.

My host pc (196.168.1.2) can ping monowall wan (192.168.1.5) BUT my host pc cannot ping anything after 192.168.1.5, ie nothing on the dmz or private lan.

So how come monowall cannot forward this even with no firewall restrictions?

monowall NATs the WAN interface - you cannot ping thru to the private subnets without setting up NAT rules.