|
||||||||
Okay, i'm a bit confused how to set the DMZ interface ip... if i want to use the 83.90.91.241, would it then be 83.90.91.241/31 or ?? /Allan -----Original Message----- From: Chris Buechler <cbuechler at gmail dot com> To: Allan Mogensen <allan at 1966 dot dk> Cc: m0n0wall at lists dot m0n0 dot ch Date: Tue, 15 Mar 2005 23:28:50 -0500 Subject: Re: [m0n0wall] DMZ and public ip problem > On Fri, 11 Mar 2005 11:27:31 +0100, Allan Mogensen <allan at 1966 dot dk> > wrote: > > > > However i cannot figure out the way to configure the DMZ with public > ip's on > > the m0n0 FW.. > > > > You can use 1:1 or Server NAT, but you can also use public IP's on > your DMZ segment. > > > > My current ip setup: > > WAN: 80.132.160.246 (Static IP from ISP) > > GW: 80.132.160.245 > > > > DMZ: 83.90.91.240/28 (assigned from ISP) - i'm not 100% sure, but my > guess > > is that the ISP routes all traffic to my static IP.. > > > > LAN: 192.168.1.0/24 > > > > In my current firewall the DMZ setup is configured like this: > > DMZ I/F in firewall: 83.90.91.241 (which is also default gateway for > DMZ > > machines) > > > > I have replicated this setup to M0n0: > > DMZ I/F IP: 83.90.91.240/28 > > By browsing the doc's i found that i need to Enable Advanced Outbound > NAT in > > order to disable NAT for the DMZ > > > > Nothing is changed on the DMZ machines, default gateway is still > > 83.90.91.241 > > > > The gateway on the DMZ machines needs to be the same as the IP on the > m0n0wall DMZ interface, so the m0n0wall DMZ interface needs to be > .241. Sounds like you have it as .240. Sounds like you did > everything else fine. > > -Chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > |