[ previous ] [ next ] [ threads ]
 
 From:  "Daniel Foster" <dan at melbourne dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Public webservers behind monowall
 Date:  Fri, 3 Jun 2005 12:13:39 +0100
Hi,
 
I'm trying to setup m0n0wall to protect webservers in a colo facility.  We have a /24 subnet routed
to us over a /30 link.  My plan was to assign an ip on the /30 to the EXT interface, and then put
the /24 on the OPT1 interface, (and not use the LAN interface apart from initial config and perhaps
SNMP) and have m0n0wall do the routing.  We have it setup like this currently with Watchguard
Fireboxes, but we're having various problems with them so i'd like to switch to m0n0 if possible.
 
Is the above possible without doing 1:1 NAT and having to give the webservers private IPs?
 
This setup is slightly different to the example in the documentation - we don't want m0n0 doing
proxy arp sat on the same subnet as the webservers - it needs to have the whole of the /24 on the
OPT1 interface 
 
I've tried to do this in a test environment in our office but it doesnt seem to be working properly
- it could be because im simulating it with private IPs.
 
Any help would be most appreciated.
 
Kind Regards,
Dan Foster

-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.322 / Virus Database: 267.5.1 - Release Date: 02/06/2005