Topic: I can't make that NAT Inbound working  (Read 3693 times)
« on: June 22, 2007, 12:16:39 »
mikereo *
Posts: 2

Hello Friends

We have a Linux machine in our internal network (webakbal, 192.168.0.103) configured as a DNS server, web server (with 4 virtual servers) and Scalix server (mail server), and this server resolves the DNS of our web pages in NIC.mx.

We also have a public IP address on our ADSL modem, and we are using this address for our public services (DNS, web and mail).

Previously we were using a Linksys WRT54G v5 router to route all the traffic to our machine (webakbal) for our services.

In m0n0wall we have the following configuration:

WAN -> 200.x.x.x
LAN -> 192.168.0.110
OPT1 -> 192.168.1.1 (DMZ)

Our trouble: the NAT part of my m0n0wall configuration isn't working properly.

My configuration in NAT: Inbound

Code:
If   Proto  Ext. port range  NAT IP         Int. port range  Description
WAN  TCP    25 (SMTP)        192.168.0.103  25 (SMTP)        SMTP Akbal
WAN  TCP    80 (HTTP)        192.168.0.103  80 (HTTP)        Web Akbal
WAN  TCP    110 (POP3)       192.168.0.103  110 (POP3)       POP3 Akbal
WAN  TCP    143 (IMAP)       192.168.0.103  143 (IMAP)       IMAP Akbal
WAN  UDP    53 (DNS)         192.168.0.103  53 (DNS)         DNS Akbal

My configuration in Firewall: Rules

Code:
Proto  Source             Port  Destination    Port        Description
       RFC 1918 networks                                   Block private networks
UDP    *                  *     192.168.0.103  53 (DNS)    NAT DNS Akbal
TCP    *                  *     192.168.0.103  80 (HTTP)   NAT Web Akbal
TCP    *                  *     192.168.0.103  25 (SMTP)   NAT SMTP Akbal
TCP    *                  *     192.168.0.103  110 (POP3)  NAT POP3 Akbal
TCP    *                  *     192.168.0.103  143 (IMAP)  NAT IMAP Akbal

I ran a port scan using the following page:

http://www.upseros.com/portscan.php

And all ports appear closed, including the ports that I previously mentioned.

What's wrong?

I attach the status.php file generated by m0n0wall.


Please help me

* status.html (104.62 KB - downloaded 529 times.)
« Last Edit: June 22, 2007, 12:26:31 by mikereo »
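A cross-check of the two listings in the post above, as an added example that is not part of the thread or of m0n0wall: it parses the NAT: Inbound rows and the Firewall: Rules rows as posted and reports any forward that has no rule for the same protocol, internal IP and port. The function names and the row regexes are assumptions written for this text layout.

```python
import re

# Rows copied from the NAT: Inbound and Firewall: Rules listings in the post.
NAT_INBOUND = """\
WAN TCP 25 (SMTP) 192.168.0.103 25 (SMTP) SMTP Akbal
WAN TCP 80 (HTTP) 192.168.0.103 80 (HTTP) Web Akbal
WAN TCP 110 (POP3) 192.168.0.103 110 (POP3) POP3 Akbal
WAN TCP 143 (IMAP) 192.168.0.103 143 (IMAP) IMAP Akbal
WAN UDP 53 (DNS) 192.168.0.103 53 (DNS) DNS Akbal
"""
FIREWALL_RULES = """\
RFC 1918 networks  Block private networks
UDP * * 192.168.0.103 53 (DNS) NAT DNS Akbal
TCP * * 192.168.0.103 80 (HTTP) NAT Web Akbal
TCP * * 192.168.0.103 25 (SMTP) NAT SMTP Akbal
TCP * * 192.168.0.103 110 (POP3) NAT POP3 Akbal
TCP * * 192.168.0.103 143 (IMAP) NAT IMAP Akbal
"""

# Assumed layouts: "If Proto ExtPort (name) NatIP IntPort (name) ..." and
# "Proto Source SrcPort Destination DstPort ...".
NAT_ROW = re.compile(
    r"^\S+\s+(TCP|UDP)\s+\d+\s+\(\w+\)\s+(\d+(?:\.\d+){3})\s+(\d+)\s+\(\w+\)")
RULE_ROW = re.compile(r"^(TCP|UDP)\s+\S+\s+\S+\s+(\S+)\s+(\d+|\*)")

def parse_nat(text):
    """Return (proto, internal_ip, internal_port) per inbound NAT row."""
    rows = (NAT_ROW.match(line.strip()) for line in text.splitlines())
    return [(m.group(1), m.group(2), int(m.group(3))) for m in rows if m]

def parse_rules(text):
    """Return (proto, destination, destination_port) per TCP/UDP rule row."""
    rows = (RULE_ROW.match(line.strip()) for line in text.splitlines())
    return [m.groups() for m in rows if m]

def unmatched_forwards(nat_text, rules_text):
    """NAT forwards with no rule for the same proto, internal IP and port.

    The rules in the post name the internal NAT IP as destination, so the
    match is made on the internal address, not on the WAN address.
    """
    rules = parse_rules(rules_text)

    def covered(proto, ip, port):
        return any(rp == proto and rd in (ip, "*") and rport in (str(port), "*")
                   for rp, rd, rport in rules)

    return [fwd for fwd in parse_nat(nat_text) if not covered(*fwd)]

if __name__ == "__main__":
    print(unmatched_forwards(NAT_INBOUND, FIREWALL_RULES))
```

An empty result only shows that the two tables agree with each other; it says nothing about bridging, the server's gateway or the upstream modem.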
« Reply #1 on: June 22, 2007, 13:07:23 »
markb ****
Posts: 331

The rules look correct; however, your status.php indicates that you have your LAN interface bridged to OPT1. Is this correct? Why?
« Reply #2 on: June 25, 2007, 17:37:37 »
mikereo *
Posts: 2

Hi markb,

The OPT1 interface really is bridged to LAN, because I added that interface recently; previously I didn't have it, and in fact, I don't use it.

Update

I am adding the current status.php; this time, I removed the OPT1 interface.

* status.html (40.98 KB - downloaded 1468 times.)
« Last Edit: June 25, 2007, 22:21:37 by mikereo »
« Reply #3 on: July 07, 2009, 08:53:12 »
dynomite *
Posts: 4

This problem seems to pop up often.  Forgive me if this has been resolved.

http://osdir.com/ml/security.firewalls.m0n0wall/2004-02/msg00649.html is another user who reports the same issue.

I am using the 1.235 version pc-generic burned to CD and using a floppy to store the configs.   

I have similar configs set up on a Soekris monowall and am confident that the configs are correct.  But here I cannot figure out what is wrong. Initially, I thought my ISP closed the ports.  But now I have seen that the router may be the problem.

Interesting observation:   If I make the webgui port 80, I can access the router from my external IP.   When I have it forwarded to a NAT server, it fails to open.  It shows all my ports are closed, except the one to my monowall GUI.

I can access my server through the intranet.   I also tried to access the external IP from an external IP vs. internally as well.

Are there some tips or problems not resolved with the PC version?   Is it related to having possibly incompatible ethernet cards?

I cannot figure out the problem.   But if the ethernet cards are an issue, I would have assumed I couldn't access the net or anything.

Hopefully, someone can enlighten me.

Thanks!

In terms of the ARP cache solution with replacing the MAC address... I am not sure what MAC address I would replace, as I have been using routers and PCs with the cable modem.

Thanks for any input you can provide.
----------------------------------------------------------------------------------------------------------------------
After intensive research... there must be an issue with the current hardware with the software.
I am using an old 450 MHz Pentium system that was running Windows XP with a combo motherboard with video card built in.   The ethernet board that came with the system was some Davicom brand and a D-Link additional card.   I was using the CD-ROM plus floppy disk method to access the monowall.   I tried 1.235 and 1.3b16, both of which timed out the ports almost instantaneously.

I finally tried to use pfsense.org to see if there would be any difference.   For some reason, I am able to get the ports to open up, but it seemed to lag for a long time before a page would load up.   The title of the webpage would show up, but stall thereafter or be very slow when accessing ssh or work for a period and then lag before resuming the ability to type.

I can only assume that there is an issue with my hardware and for those who can't figure it out... may need to try to troubleshoot what the issue is.

Cheers!

----------------
Will try to share my attempts to resolve the problem.
http://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
provides some insightful information.

I will try to see what has happened, but things were kosher with a linksys router prior to using Monowall.   I am also using VMware to run the ubuntu server.   I wouldn't think it's the client's gateway issue, but I will look into that for causing the time outs.

-----------------------
So I left to pfsense for a little bit and it did function well, but I was still stuck with mild disconnections (timeouts), but better than monowall.

Then I had an epiphany in terms of why soekris at work had no problems, but at home there was an issue.

The only difference between the two was that one was static and the other was DHCP.   So I read up on how DHCP and static differed and decided to make static ip assignments.

The results... are pending... but initial tests internally look good.   I will have to test from outside IPs, but if I don't report back... this should resolve all the woes and worries people have.

Cheers!

Thanks for making monowall great.   Keep up the good work.  I hope my contribution helps.  :^)
« Last Edit: July 10, 2009, 22:50:46 by dynomite »