Don Munyak wrote:
> This is probably a noob question, but I just want to confirm first.
> I have setup m0n0wall v1.11 with three interfaces, WAN, LAN, DMZ. I
> have not yet moved any servers from the LAN over to the DMZ. The NAT
> 1:1 is currently coming into specific LAN servers.
> Our LAN network is 192.168.222.0 /24
> The DMZ network is 192.168.10.0 /24
> Test server 192.168.10.5 /24
> I want to put a test webserver on the DMZ, but I don't want to make it
> public, nor suseptable to WAN traffic. By simply not specifying any
> NAT or Server settings will allow the server on the DMZ network to
> remain invisible to internet traffic...Correct ??
Yes. You can even enforce a firewall rule if you want.
> The next step of testing I was planning to add an entry in one of our
> internal DNS servers with a static router in m0n0wall for accessing
> the webserver. Does this sound reasonable ?
It works here.
> My plan is to make the test server visible from the LAN but not the WAN.
Ok, but why do you put it in the DMZ then?
> - Don
(I'm a newbie too, please correct me if i'm wrong)