[ previous ] [ next ] [ threads ]
 
 From:  "Allan Mogensen" <allan at 1966 dot dk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DMZ and public ip problem
 Date:  Mon, 14 Mar 2005 13:27:38 +0100
Okay.. i will try this.

This indicates that the firewall does not support  public ip's on the dmz 
interface (NAT zero) or ?? - this would be a big problem if i was to run 
some traffic analyzer/statistics module on the web server.. all traffic 
would be comming from the same ip... i guess..


-----Original Message-----
From: sai <list at ebs dot net dot pk>
To: Allan Mogensen <allan at 1966 dot dk>
Cc: m0n0wall at lists dot m0n0 dot ch
Date: Mon, 14 Mar 2005 15:10:41 +0500
Subject: Re: [m0n0wall] DMZ and public ip problem

> Allan Mogensen wrote:
> > Looking for a replacement of my existing fw, m0n0 has come to my
> attention, 
> > looks like just the fw i need :-)
> > 
> > However i cannot figure out the way to configure the DMZ with public
> ip's on 
> > the m0n0 FW..
> 
> This is the HOWTO that I use (its based on posts from this list)
> 
> HTH
> 
> sai
> 
> (public IP address == real ip address as assigned to you from your ISP)
> 
> (private IP == your internal network such as 192.168.10.1)
> 
> How to Setup a DMZ.
> 
> Here is an example DMZ setting for a web server
> 
> [1] Assign private IP address to your server in the DMZ e.g.
> 192.168.2.1
> 
> [2] on the menu: Firewall> NAT> Server NAT add the public IP address of
> the server (plus description if you want to do it properly)
> 
> [3] in the Services menu > Proxy ARP add the the public ip addresses
> (so 
> that the WAN port can respond to all the public ip addresses)
> 
> [4] again in the Firewall menu > NAT > Inbound add the following rule
> External address: public ip address of the server
> Protocol: TCP (or as desired)
> External port range from: POP(or as desired)
> NAT IP: private ip address for server
> Local port: POP (or as desired)
> 
> [5] tick the box that says auto add rules.