[ previous ] [ next ] [ threads ]
 
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  "'mk at neon1 dot net'" <mk at neon1 dot net>
 Cc:  "'list at m0n0wall dot neon1 dot net'" <list at m0n0wall dot neon1 dot net>
 Subject:  LAN - DMZ - WAN Firewall rules
 Date:  Tue, 22 Apr 2003 11:44:17 +0200 
Dear Manuel, List,

Could it be possible that the different 'interfaces' are not treated equally
when using the firewall?

To explain more clearly:
I have 2 networks connected to each other by a net4501 m0n0wall.

Employee LAN		m0n0wall			Showroom LAN
10.32.1.0/23	10.32.1.11 - 192.168.1.1	192.168.1.0/24

In this setup, there are services on both networks that need to be available
on the other network.
If I put the networks on DMZ and LAN, everything seems to work fine (except
there is no default gateway that can be set on DMZ), but if I use WAN (on
the employee side), services on the LAN interface (showroom) are not
reachable (ping is OK!).

I have set the private addresses to pass and added rules for all interfaces
for any port, dest. and any src.

I'm a newbie at BSD stuff (not even used it once) but I guess m0n0wall is
meant for dummy's like me :-)

I know my way around IP and routing (I guess ;-)

Thanks for any insight

Joachim


-----------------------------------------------
MISSION STATEMENT 
-----------------------------------------------
Océ enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management products
and services for professional environments.

-----------------------------------------------
DISCLAIMER 
-----------------------------------------------
This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be

-----------------------------------------------