 From:  Toli <schmoli at acm dot wwu dot edu>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Routing from LAN to DMZ.
 Date:  Tue, 28 Oct 2003 09:10:12 -0800
Hello, I'm running bp18r522, and am having some difficulty with 1:1 NAT 
mapping.  I have successfully created a WAN/LAN zone in m0n0wall, and 
set up one of my extra IP addresses from my ISP with 1:1 mapping to a 
server in my LAN.  Everything works fine from outside the internet, but 
I have some specific software that needs to connect from within my LAN, 
to my DMZ server, but using the EXTERNAL IP address provided by the 1:1 
mapping.  In all my attempts, when I contact this IP address (from 
within the LAN), I am never getting past the firewall (if I do port 80 I 
will get the firewall's web-admin).  Here is my IP layout:

m0n0wall WAN: X.X.X.Y
m0n0wall LAN: 10.0.0.1
m0n0wall 1:1: X.X.X.Z -> 10.0.0.20 (this works fine from outside the WAN)
m0n0wall firewall rules:  LAN: any proto, LAN source, any src port, any 
dest ip, any dest port
I also have rules allowing access to 10.0.0.20 from the WAN interface.

DMZ Server: 10.0.0.20
LAN Client: 10.0.0.100

I really need to be able to contact the DMZ server from 10.0.0.100 by 
accessing the X.X.X.Z IP Address.  I have some proprietary server 
software that needs to 'know' the IP address that clients are connecting 
to, so if I can't get this to work I need 2 separate servers, one for 
WAN clients and one for LAN clients.

I have only been using m0n0wall for a couple weeks, but I have found it 
to be excellent!