 From:  "Chris James" <lists at chrisjames dot me dot uk>
 To:  "mika" <mikata at gmail dot com>, "Vittore Zen" <drzen at gamebox dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] 2 WAN - 1 DMZ - 1 LAN
 Date:  Wed, 09 Feb 2005 13:42:51 +0000
On Wed, 9 Feb 2005 13:36:08 +0100, "mika" <mikata at gmail dot com> said:
> > >>If a DMZ server uses the first firewall as default gateway, the LAN
> > >>clients that have the second firewall as default gateway cannot connect.
> > >>
> > >>           +-> ADSL1 <-> m0n01 <-+
> > >>           |                |    |
> > >>Internet <-|               DMZ  LAN
> > >>           |                |    |
> > >>           +-> ADSL2 <-> m0n02 <-+
> > >>
> > >>

How about setting it up by having the DMZ off m0n01 only:

           +-> ADSL1 <-> m0n01 <-+
           |                |    |
Internet <-|               DMZ  LAN
           |                     |
           +-> ADSL2 <-> m0n02 <-+

 10.10.0.1/20 m0n01 LAN ip
 10.10.0.2/20 m0n02 LAN ip
 10.10.224.1/20 m0n01 DMZ ip
 200.200.200.200 m0n01 WAN ip
 200.200.200.100 m0n02 WAN ip

Then a static route on m0n02 =
 10.10.224.1/20 -> gateway m0n01 LAN (10.10.0.1)

It's just a thought - would be my idea of how to set this up - although
I can't say I've tried it :)

Chris. 

-- 
  Chris James
  http://www.chrisjames.me.uk
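
The layout suggested above, traced hop by hop as an added example (not part of the original message). The host addresses 10.10.0.50 (LAN client) and 10.10.224.10 (DMZ server) are constructed; LAN clients are assumed to default to m0n02 and the DMZ server to m0n01.

```python
import ipaddress

LAN = ipaddress.ip_network("10.10.0.0/20")               # 10.10.0.1/20, 10.10.0.2/20
DMZ = ipaddress.ip_interface("10.10.224.1/20").network   # 10.10.224.0/20
ANY = ipaddress.ip_network("0.0.0.0/0")
HOSTS = {"client": "10.10.0.50", "server": "10.10.224.10"}  # constructed hosts


def tables(static_route=True):
    """Per-node routes as (network, next hop); None means directly connected."""
    m0n02 = [(LAN, None), (ANY, "ADSL2")]
    if static_route:
        m0n02.append((DMZ, "m0n01"))   # the static route proposed in the message
    return {
        "client": [(LAN, None), (ANY, "m0n02")],   # LAN clients default to m0n02
        "server": [(DMZ, None), (ANY, "m0n01")],   # DMZ hangs off m0n01 only
        "m0n01": [(LAN, None), (DMZ, None), (ANY, "ADSL1")],
        "m0n02": m0n02,
    }


def trace(src, dst, static_route=True):
    """Follow longest-prefix-match routing from src until dst or an exit link."""
    routes = tables(static_route)
    target = ipaddress.ip_address(HOSTS[dst])
    path, node = [src], src
    while node != dst and node in routes and len(path) < 8:
        matches = [(net, hop) for net, hop in routes[node] if target in net]
        hop = max(matches, key=lambda m: m[0].prefixlen)[1]
        node = dst if hop is None else hop
        path.append(node)
    return path


if __name__ == "__main__":
    print("forward:", " -> ".join(trace("client", "server")))
    print("return: ", " -> ".join(trace("server", "client")))
    print("no static route:", " -> ".join(trace("client", "server", False)))
```

The return path goes from m0n01 straight onto the LAN, so m0n02 sees only the client-to-server half of each connection; that is worth checking against its filter rules if connections stall.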