Re: [m0n0wall] DMZ question

From:	Jim McBeath <monowall at j dot jimmc dot org>
To:	Assinatura de Listas <assinarlistas at yahoo dot com dot br>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] DMZ question
Date:	Fri, 19 Dec 2003 12:06:14 -0800

On Fri, Dec 19, 2003 at 12:19:52PM +0000, Assinatura de Listas wrote:
> How do I create a DMZ??
> 
> I suppose I should 'Enable optional 1 interface',

right

> then I should change its description,

right

> brigde with none

right

> and enter some ip address in the range of my m0n0wall's lan nic, right?

No, you should enter an address on a separate subnet.  For example,
if you are using 192.168.0.0/24 for your LAN, use 192.168.1.0/24 for
your DMZ and assign 192.168.1.1 to the DMZ interface on m0n0wall.
Assign 192.168.1.2 to your DMZ machine, or turn on DHCP on the DMZ
interface in m0n0wall and tell your DMZ machine to use DHCP.

> Then, may/should I plug a crossover cable into
> m0n0wall's optional 1 interface card? 

For a single DMZ machine, yes.  Or plug in a hub if your DMZ has more than
one machine.

--
Jim