[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Migration to m0n0
 Date:  Mon, 23 May 2005 23:51:09 -0400
On 5/23/05, Michael Lester <mlester at fastrans dot com> wrote:
> 
> LAN:
> IP Addr: 192.168.20.246
> Netmask: 255.255.0.0
> 
> 
> WAN:
> IP Addr: xx.xx.152.3
> Netmask: 255.255.254.0
> Gateway: xx.xx.152.1
> 
> 
> DMZ:
> IP Addr: xx.xx.154.1
> Netmask: 255.255.254.0
> 
> 
> 
> I enabled advanced outbound NAT (and created a rule to allow the LAN
> outgoing access) like the manual said I should do when using public IPs
> for a DMZ.  When I attempted the switch to m0n0, the LAN was able to see
> the outside Internet as well as the DMZ.  The DMZ however, was not able
> to route out to the outside Internet.  The DMZ machines are using
> xx.xx.154.1 as their gateway.  I was unable to ping xx.xx.154.1 from the
> DMZ machines.  I WAS able to ping the DMZ machines from the m0n0 box.  I
> attempted to add a rule to allow the DMZ out as well, but was not
> successful.  

Sounds like you were missing firewall rules on the DMZ interface. 
Anything in the firewall logs?

-Chris