[ previous ] [ next ] [ threads ]
 
 From:  Brenton Hooper <razer82 at ozemail dot com dot au>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Issue with Port-Forwarding in a DMZ situation.
 Date:  Sun, 05 Dec 2004 21:46:58 +1100
Chris Buechler wrote:

>On Sun, 05 Dec 2004 20:47:46 +1100, Brenton Hooper
><razer82 at ozemail dot com dot au> wrote:
>  
>
>>My current network setup consists of 512/512kbs DSL comming in to
>>m0n0wall.  M0n0wall has 3 NIC's (all intel pro100's), one for the WAN
>>(DSL connection) one for the LAN (internal clients), one for the DMZ
>>(web server, etc.).
>>
>>LAN - 192.168.83.1/24
>>DMZ - 192.168.85.1/24
>>
>>Webserver - 192.168.85.20
>>
>>I can get though to the webserver on the DMZ no problems from the LAN.
>>However, I can't from the WAN.
>>
>>I setup the following NAT -
>>
>>Inbound
>>interface - WAN
>>External Address - Interface Address
>>Protocal - TCP
>>External Port Range -
>> From - HTTP
>>to - (other)
>>    
>>
>
>Should be "to - HTTP" there.
>
>If that doesn't work, does that box have m0n0wall's DMZ interface IP
>as its default gateway?
>
>-Chris
>
>  
>
Thanks for replying Chris.

Na, thats the port range.  The 'to' lets you specifiy a range of ports.  
However, below it it states -
"specify the port or port range on the firewall's external address for 
this mapping  Hint: you can leave the 'to' field empty if you only want 
to map a single port.

I've got the webservers default gateway set as the m0n0wall's DMZ 
interface IP address.  I've tested that by gaining access to it from LAN 
to DMZ.


Any other ideas?

Brenton