I have the following problem with a m0n0wall DMZ and the effect is the
same on all versions I have tried, from 1.1 to 1.2b7.
I have m0n0wall with 3 interfaces, WAN, LAN and DMZ(OPT1).
I have several Grandstream VoIP devices which I would like to put all
on the DMZ subnet.
But I can put ONLY one, since any others do not authenticate to their
SIP servers on the internet.
If I leave only one VoIP device on the DMZ, it works, but here is
another weird problem. It cannot take NTP time from the Internet. Once
I have configured it to take NTP time from a server on the LAN subnet,
it is fine.
If I place the other VoIP devices on the LAN, they work fine and they
authenticate OK to their SIP servers.
There are no log entries that show access denied to/from port 123
(NTP) or to/from 5060 (SIP)
or to/from the IP addresses of the VoIP devices.
I see no reason why the DMZ subnet does not work the same way as the LAN subnet.