Chris Buechler wrote:
>A publicly accessible host is not the same thing as a DMZ. You can
>configure inbound NAT to the LAN to accomplish what you are talking
>about.
>
>A DMZ would be a separate network on a 3rd interface, isolated from
>LAN access as much as possible.
>
Hmm... So does DMZ for m0n0wall do something else than the DMZ ports on
things like Linksys and D-Link routers? See, the problem I ran into when
trying to configure port forwarding on my old D-Link is that some
programs wouldn't use the same ports all the time, sometimes I couldn't
figure out what ports were being used in the first place, and then there
were some other things. So in the end, the only way to access everything
on my server was to specify its IP in the DMZ config and any ports that
weren't forwarded specifically would just go to that DMZ host. Not to
mention that on my D-Link the DMZ host wasn't isolated from the rest of
the network, so I'm not sure what that's all about.
Now I've looked into NAT config, but that just seems to be the same
problem I've had before, it will just be very hard to specify each and
every port I need to be forwarded, and there doesn't seem to be a way to
specify that any unforwarded port should go as is to that specific IP.
Any more suggestions?