 | Configuring Multiple IP Addresses on the WAN Interface |  |
 | Although the m0n0wall webGUI only allows setting up a single IP address on the WAN interface, you can still have m0n0wall accept packets destined to secondary IP addresses. It is not necessary to tell m0n0wall to use these IP addresses on the WAN interfac |
|
|
| Configuring Access to the WebGUI on the WAN Interface | |
| In the default configuration of m0n0wall, this is disabled for security reasons.
To enable WebGUI access on the WAN interface, first switch to SSL if you haven't already. To do so, go to System -> General Setup, and change webGUI protocol from HTTP to |
|
|
| Routing Multiple Subnets Over a Site-to-Site IPSec VPN | |
| There are two ways to accomplish this. Which is most suitable depends on if you are able to summarize the subnets, and how many subnets are involved. For either way, the subnets do not need to be directly connected to m0n0wall. They can be behind a router |
|
|
| Blocking/Permitting a Range of IP Addresses in a Firewall Rule | |
| If you can summarize the IP addresses with a CIDR mask, you can enter a rule to apply to those hosts. For example, 10.0.0.8-10.0.0.15 can be summarized with 10.0.0.8/29. |
|
|
| Disabling NAT on the LAN Interface | |
| By default, the LAN interface comes with a NAT rule for all traffic on the LAN segment. If you're using public IP's on your LAN, or need to disable NAT for some other reason, enable advanced outbound NAT, under Firewall -> NAT, Outbound tab. |
|
|
| SSH Connections Time Out After Two Hours |  |
| As of 1.2b2, the TCP idle timeout for the firewall is 2.5 hours instead of the ipfilter default of 10 days (!) to keep the state table from filling up with dead connections. This value can be modified on the advanced setup page, though that is not recomme |
|
|
