[ previous ] [ next ] [ threads ]
 
 From:  mika <mikata at gmail dot com>
 To:  Vittore Zen <drzen at gamebox dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] 2 WAN - 1 DMZ - 1 LAN
 Date:  Wed, 9 Feb 2005 13:36:08 +0100 
> >>If a dmz server use the first firewall as default gateway the LAN
> >>clients that have the second firewall as default gateway cannot connects.
> >>
> >>           +-> ADSL1 <-> m0n01 <-+
> >>           |                |    |
> >>Internet <-|               DMZ  LAN
> >>           |                |    |
> >>           +-> ADSL2 <-> m0n02 <-+
> >>
> >>
> >
> >if m0n01 and m0n02 are connected via LAN, you can add a static routing
> >to DMZ-IPs via m0n01 if you want to connect clients with m0n02 as
> >gateway to DMZ.
> >
> >see http://m0n0.ch/wall/docbook/config-system.html if you dont know
> >how to handle it...
> >
> >
> >
> A static routing? Good idea.
> 
> So, if I haven't VLAN and...
> 10.10.0.1/20 m0n01 LAN ip
> 10.10.0.2/20 m0n02 LAN ip
> 10.10.224.1/20 m0n01 DMZ ip
> 10.10.224.2/20 m0n02 DMZ ip
> 200.200.200.200 m0n01 WAN ip
> 200.200.200.100 m0n02 WAN ip
> 
> I add in m0n02 the route:
> Interface:   DMZ
> Destination network:   10.10.224.0/20 (the DMZ network)
> Gateway: 10.10.0.1 (the ip of m0n01 DMZ interface)

does it work ? i would have done it the same way