-
My setup looks similar but without the ipcop. Check your routing tables. The wireless clients should have their default gateway set to the AP. Your ipcop should have it's default gateway pointing to your internet gateway.
No need for NAT on the AP just as long as the routing is correctly setup.
-
IpCop Setup
Hi - My Google IpCop alert brought me here - nice to meet you all.
This seems to be a common IpCop scenario and the best way to sort it is to install a another NIC in the Cop, set it up as the Blue interface and attach your WAP / router here for your wireless network ONLY. Then attach a standard hub / switch to the Green interface (your old NIC) for your wired network.
Your IpCop now has two subnets using the Cop as the default gateway and, with the addition of the Blue interface, you will find extra options under the Firewall & Services webadmin tabs to control access between the Green & Blue subnets.
Hope this helps.
-
Welcome to the forum,Mick!
-
Try adding a persistant route to your static routes file. I have a smoothwall so I'm not sure where the applicable file is. In smoothwall it's at:
/var/smoothwall/ethernet/static-routes
Add this line:
route add -net 192.168.1.0 gateway 192.168.0.200 netmask 255.255.255.0
-
I am going to go out on a limb and say your "wireless ap" is actually a wireless broadband router and has NAT enabled. Thus you cant ping from 0.x to 1.x , but you should be able to ping from 1.x to 0.x. This is a basic feature of nat and unless you have a static entry with a translation it isn't possible. I recommend you follow the above suggestion and get another NIC for your ipcop box.
-
I must say that this sounds very close to my setup.
Which means that Net2Infinity is right on the money.
My setup replaces ipcop with m0n0wall but looks like this
cable -- (24.x.x.x) m0n0wall
m0n0wall1 (1.1/24) -- (1.2/24)Wireless Router
m0n0wall2 (3.1/24) -- (3.2/24)VoIP Gateway
VoIPGateway(4.1/24) -- "test subnet" (4.x/24)
Wireless Router (2.1/24) -- Home Network (2.x/24)
I'm using 4 subnets, and everything works as intended..
The NAT router is why your IPCop install doesn't know where your 1.x:8118 is. IPCop speaks to your router 0.200 and only that address... As far as IPCop is concerned, your router is the server it is speaking to... it doesn't know that anything exists behind you.
I have the same issue with my setup.. So here's what you do.
All forwarding rules/ fire exceptions in IPCop point to the wifi router interface that it can see (0.200).... Inside 0.200 you have it setup to do port forwarding to the server you want to speak with (or put a single server in the DMZ)... Everything will function properly... As I said this is my every day setup and I'm making use of plenty of servers.
-
I hate to bring up dead posts, so excuse the bad practice, but I was googling around for some different things and this came up so I thought I'd give my final solution to the problem.
There are two solutions, but one takes a little more money and it wasnt as convenient (rewiring and buying a hub). Ultimately I ended up doing a bit of both cause I wanted some increased functionality (I bought a web managed switch and put it on the .0.x subnet and moved all servers and high traffic devices there).
Basically r4nd0m1z and everyone who said i just needed to add a new route was correct, I just didnt know how to do it at the time. That was basically my problem, I could ping from the inside out because all the routes were set up exactly as SirDice said but that means I can only go one way, not both (my IPCop had no idea where .1.x was because it didnt have a route for that, only that anything not .0.x was on the internet).
Adding another NIC was the other option but I didnt feel like creating a whole other subnet at the time and buying a hub and what not (I bought the switch but thats besides the point :p )
So my architecture looks like this now:
Internet --> IPCop (.233.2)--> Switch --> (.233.x) Servers and Wireless AP (.1.2) --> (.1.x) wireless clients
I ended up doing a bit of both, but if you're looking for the no money solution go with the route add posted by r4nd0m1z on your IPCop. Thats about it and thanks for all the suggestions guys, I really do love this forum