General Questions

Hello all,
     Ok this is my first attempt at setting up (what I like to call) a "real", network.  By this I mean running my server's on a different subnet than my client pc's behind monowall.  Everything is Microsoft.  What I plan to do is run my servers on the 192.168.2.0 subnet and my clients on the 192.168.1.0 subnet.  I plan on my layout to look like the following:

WAN --> Monowall --> Lan interface(192.168.1.0) --> HUB --> Router A (Linksys WRT54g 192.168.1.0 on wan port / 192.168.2.0 on Lan port) --> Servers

Now I had everything working correctly (bypass firewall rules, defined the proper ip address and gateway for the router and servers behind the router, setup the client pc's on the hub with correct ip's and gateways, and defined the static routes).

I had shut everything down in my house due to a large thunderstorm that had come through our area.  I booted everything up in sequence but my servers (all static IP's) said that another host on the network had the same address when I rebooted them.  I was able to pull up the monowall console and could ping WWW addresses.  I was able to ping my client PC's but not the router and servers.  I rebooted everything multiple times in the proper order but still had the same issue.  I check the config and everything appeared as it was when it worked.

I kept the same last octet the same and changed everything back to 192.168.1.0 subnet.  I plugged everything back into router A with it's original config.  Everything works with no multiple address issues. 

My second attempt to integrate monowall back into my network, nothing works again.  Any suggestions?

The only thing I can think of that would cause duplicate address warnings is proxy ARP entries in m0n0wall that shouldn't be there. If that's not the case, put a sniffer on the network and see what machine is responding to the gratuitous ARP which is what checks for IP conflicts on a Windows machine.

Thank you CMB,
     But I am afraid that is not it.  I have not ventured into the ARP screens yet.  So whatever is the default value for mononwall/ARP is what was running in my config.  I believe that was nothing (in ARP proxy records) from what I can tell.

So, I had to abandon my work that I put into my firewall by doing a mass reset to monowall.  No big deal, I can filter these back in when exporting the config.

I have setup my 192.168.2.0 subnet again and things appear to be working again.  This time I noticed something strange.  I have configed everything like it was above/before.  This time however, my linksys router can ping monowall but monowall does not ping my routers address of 192.168.2.1.  Monowall can however ping the 192.168.1.2 address on my linksys wan interface.  Since the static route is defined and I have bypassed the firewall for lan traffic, why is my second router unpingable?  I do have the linksys set to "router" which I believe removes the NAT portion of things.  Perhaps I am just missing something here.  Thanks!

Did you put an appropriate static route in m0n0wall for that subnet?

Yep, I have one a static route defined on both the router and the firewall to their respective counterpart subnets.  I even redid everything again to make sure I wasn't nuts.  I have the same  issue though. (At least I'm consistent).  I did however make one change to my network setup.

From my hub, I changed my connection "into" my router (192.168.2.1) to it's wan port.  For some reason, I had some strange issues when working on the routers lan side connected to monowall. 

Regardless, I am back in the same boat.  If my router's NAT was not disabled... Would I still be able to ping my router from monowall?  (I believe all the WAN filters are disabled on the router). 

Thanks for all your help
Erik