[ previous ] [ next ] [ threads ]
 
 From:  Brenton Hooper <razer82 at ozemail dot com dot au>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Issue with Port-Forwarding in a DMZ situation.
 Date:  Sun, 05 Dec 2004 20:47:46 +1100
My current network setup consists of 512/512kbs DSL comming in to
m0n0wall.  M0n0wall has 3 NIC's (all intel pro100's), one for the WAN
(DSL connection) one for the LAN (internal clients), one for the DMZ
(web server, etc.).

LAN - 192.168.83.1/24
DMZ - 192.168.85.1/24

Webserver - 192.168.85.20


I can get though to the webserver on the DMZ no problems from the LAN.
However, I can't from the WAN.

I setup the following NAT -

Inbound
interface - WAN
External Address - Interface Address
Protocal - TCP
External Port Range -
 From - HTTP
to - (other)
NAT IP - 192.168.85.20
Local Port - HTTP


I have the following in Firewall : Rules

WAN Interface -
Action - Pass
Interface - WAN
Protocal - TCP
Source - any
Source port range - any
destination - single host or alias - 192.168.85.20
destination port range - HTTP
fragments - Allow (I tryed not-allow, made no difference)
log - Log packets (for troubleshooting)



I know the domain that I'm giving out is correct, as it resulves to my
external IP.


Do you guys (and girls) have any ideas?


Thanks for your time,
Brenton
First time m0n0wall user