 From:  Vittore Zen <drzen at gamebox dot net>
 To:  mika <mikata at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] 2 WAN - 1 DMZ - 1 LAN
 Date:  Wed, 09 Feb 2005 10:48:11 +0100
On 09/02/05 9.11 mika wrote:

>>If a DMZ server uses the first firewall as default gateway, the LAN
>>clients that have the second firewall as default gateway cannot connect.
>>
>>           +-> ADSL1 <-> m0n01 <-+
>>           |                |    |
>>Internet <-|               DMZ  LAN
>>           |                |    |
>>           +-> ADSL2 <-> m0n02 <-+
>>    
>>
>
>If m0n01 and m0n02 are connected via LAN, you can add a static route
>to DMZ-IPs via m0n01 if you want to connect clients with m0n02 as
>gateway to DMZ.
>
>See http://m0n0.ch/wall/docbook/config-system.html if you don't know
>how to handle it...
>
>  
>
A static route? Good idea.

So, if I don't have a VLAN and...
10.10.0.1/20 m0n01 LAN ip
10.10.0.2/20 m0n02 LAN ip
10.10.224.1/20 m0n01 DMZ ip
10.10.224.2/20 m0n02 DMZ ip
200.200.200.200 m0n01 WAN ip
200.200.200.100 m0n02 WAN ip

I add the route in m0n02:
Interface:   DMZ
Destination network:   10.10.224.0/20 (the DMZ network)
Gateway: 10.10.0.1 (the IP of m0n01 DMZ interface)

ok?
v.
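
Added example, not part of the original message and not m0n0wall's own validation: a sanity check that runs a proposed static route against the interface addresses listed above, using two general IP routing rules (the gateway must be on-link on the chosen interface, and a destination inside a directly connected network needs no gateway). The function name `check_static_route` and the 192.168.50.0/24 network are assumptions made up for the example.

```python
import ipaddress

# m0n02 interface addresses as listed in the message.
M0N02_INTERFACES = {
    "LAN": ipaddress.ip_interface("10.10.0.2/20"),
    "DMZ": ipaddress.ip_interface("10.10.224.2/20"),
}


def check_static_route(interfaces, iface_name, destination, gateway):
    """Return a list of problems with a proposed static route (empty if none).

    Hypothetical helper: applies generic routing rules only.
    """
    problems = []
    dest = ipaddress.ip_network(destination)  # strict: rejects host bits set
    gw = ipaddress.ip_address(gateway)
    iface = interfaces[iface_name]

    # Rule 1: the next hop must sit in the subnet of the selected interface,
    # otherwise the firewall cannot resolve it on that segment.
    if gw not in iface.network:
        reachable = [n for n, i in interfaces.items() if gw in i.network]
        problems.append(
            f"gateway {gw} is not on-link on {iface_name} ({iface.network}); "
            f"it is on-link on: {', '.join(reachable) or 'no interface'}"
        )

    # Rule 2: a destination inside a directly connected network is already
    # reachable without a gateway, so a static route for it has no effect.
    for name, i in interfaces.items():
        if dest.subnet_of(i.network):
            problems.append(
                f"destination {dest} is already directly connected "
                f"on {name} ({i.network})"
            )
    return problems


if __name__ == "__main__":
    # The route as written in the message.
    for p in check_static_route(M0N02_INTERFACES, "DMZ",
                                "10.10.224.0/20", "10.10.0.1"):
        print("proposed route:", p)
    # Constructed contrast case: a remote network behind a LAN-side next hop.
    print("contrast route problems:",
          check_static_route(M0N02_INTERFACES, "LAN",
                             "192.168.50.0/24", "10.10.0.1"))
```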