[ previous ] [ next ] [ threads ]
 
 From:  Adrian Basescu <adrianeli at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Mail filtering gateway in DMZ config problem
 Date:  Mon, 18 Apr 2005 14:46:00 -0400 
You may need proxy arp even for 1:1 NAT in some cases. In your case,
if the setup is correct, the 1:1 NAT makes all the services and ports
you have on the inside system 192.168.2.2 available on the outside IP
1.1.1.2, minus the one you may filter and stop in the firewall rules.

Server NAT is similar, but it is more flexible, you can map to the
outside address 1.1.1.2 several services which may be on different
systems behind the firewall. port 25 for 192.168.2.2 and port 110 for
192.168.2.3, for example.