Re: [m0n0wall] DMZ and public ip problem

From:	sai <list at ebs dot net dot pk>
To:	Allan Mogensen <allan at 1966 dot dk>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] DMZ and public ip problem
Date:	Mon, 14 Mar 2005 15:10:41 +0500

Allan Mogensen wrote:
> Looking for a replacement of my existing fw, m0n0 has come to my attention, 
> looks like just the fw i need :-)
> 
> However i cannot figure out the way to configure the DMZ with public ip's on 
> the m0n0 FW..

This is the HOWTO that I use (its based on posts from this list)

HTH

sai

(public IP address == real ip address as assigned to you from your ISP)

(private IP == your internal network such as 192.168.10.1)

How to Setup a DMZ.

Here is an example DMZ setting for a web server

[1] Assign private IP address to your server in the DMZ e.g. 192.168.2.1

[2] on the menu: Firewall> NAT> Server NAT add the public IP address of 
the server (plus description if you want to do it properly)

[3] in the Services menu > Proxy ARP add the the public ip addresses (so 
that the WAN port can respond to all the public ip addresses)

[4] again in the Firewall menu > NAT > Inbound add the following rule
External address: public ip address of the server
Protocol: TCP (or as desired)
External port range from: POP(or as desired)
NAT IP: private ip address for server
Local port: POP (or as desired)

[5] tick the box that says auto add rules.