[ previous ] [ next ] [ threads ]
 
 From:  "Fred Weston" <fred at daytonawan dot com>
 To:  "'Manuel Kasper'" <mk at neon1 dot net>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Webserver on LAN behind m0n0wall NAT
 Date:  Mon, 15 Dec 2003 03:57:32 -0500
Oh, sweet!  I didn't read down far enough on the DNS Forwarder page to
see that option.  That would solve the problem using the method I had
used previously, but without requiring me to run DNS on another box.
Really cool feature - thanks!

-----Original Message-----
From: Manuel Kasper [mailto:mk at neon1 dot net] 
Sent: Monday, December 15, 2003 3:50 AM
To: Fred Weston
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Webserver on LAN behind m0n0wall NAT


Fred Weston said:
> and that works fine for that purpose.  Now, my question is if you 
> typed the external IP address of the firewall in on the LAN client PC,

> will you be able to access the server's website?  In other words is it

> smart

No, ipfilter's ipnat (which is used for NAT in m0n0wall) doesn't do that
(and as you can see, many commercial products can't either - like your
Netgear router). In most cases, you can work around this problem by
using the DNS forwarder on m0n0wall and specifying an override for that
web server's name with the internal/LAN IP address. Then just use
m0n0wall's LAN IP address as the DNS server for all your clients, and
you should be fine - no need to mess with hosts files.

- Manuel