[ previous ] [ next ] [ threads ]
 
 From:  sai <list at ebs dot net dot pk>
 To:  Allan Mogensen <allan at 1966 dot dk>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DMZ and public ip problem
 Date:  Mon, 14 Mar 2005 15:10:41 +0500
Allan Mogensen wrote:
> Looking for a replacement of my existing fw, m0n0 has come to my attention, 
> looks like just the fw i need :-)
> 
> However i cannot figure out the way to configure the DMZ with public ip's on 
> the m0n0 FW..

This is the HOWTO that I use (its based on posts from this list)

HTH

sai

(public IP address == real ip address as assigned to you from your ISP)

(private IP == your internal network such as 192.168.10.1)

How to Setup a DMZ.

Here is an example DMZ setting for a web server

[1] Assign private IP address to your server in the DMZ e.g. 192.168.2.1

[2] on the menu: Firewall> NAT> Server NAT add the public IP address of 
the server (plus description if you want to do it properly)

[3] in the Services menu > Proxy ARP add the the public ip addresses (so 
that the WAN port can respond to all the public ip addresses)

[4] again in the Firewall menu > NAT > Inbound add the following rule
External address: public ip address of the server
Protocol: TCP (or as desired)
External port range from: POP(or as desired)
NAT IP: private ip address for server
Local port: POP (or as desired)

[5] tick the box that says auto add rules.