[ previous ] [ next ] [ threads ]
 
 From:  Ugo Bellavance <ugob at camo dash route dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Configuring OPT for LAN access only
 Date:  Mon, 18 Apr 2005 19:32:41 -0400 
Don Munyak wrote:
> This is probably a noob question, but I just want to confirm first.
> 
> I have setup m0n0wall v1.11 with three interfaces, WAN, LAN, DMZ. I
> have not yet moved any servers from the LAN over to the DMZ. The NAT
> 1:1 is currently coming into specific LAN servers.
> 
> Our LAN network is 192.168.222.0 /24
> The DMZ network is 192.168.10.0 /24
> Test server 192.168.10.5 /24
> 
> I want to put a test webserver on the DMZ, but I don't want to make it
> public, nor suseptable to WAN traffic. By simply not specifying any
> NAT or Server settings will allow the server on the DMZ network to
> remain invisible to internet traffic...Correct ??

Yes.  You can even enforce a firewall rule if you want.

> 
> The next step of testing I was planning to add an entry in one of our
> internal DNS servers with a static router in m0n0wall for accessing
> the webserver. Does this sound reasonable ?
> 

It works here.

> My plan is to make the test server visible from the LAN but not the WAN.
> 

Ok, but why do you put it in the DMZ then?

> Thanks
> 
> - Don

Ugo

(I'm a newbie too, please correct me if i'm wrong)