[ previous ] [ next ] [ threads ]
 From:  Alexander Heidenreich <alex at systemli dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  additional IP-addresses on WAN
 Date:  Thu, 7 Jul 2005 23:05:59 +0200

If got a little odd problem. I´am running M0n0wall V1.11 on a  
standard PC with a harddisk. The internet connection is SDSL/PPPoE  
with a fixed IP-address. Now I´ve got a additional subnet (x.x.x. 
56/29) and tried to configure it as in the manual (http://m0n0.ch/ 
wall/docbook/faq-ipalias.html) described. Maybe there is a  
misunderstanding at my side, because it doesn´t work.

I think I have to use the point "Routing", because everything written  
in the manual seems to be reasonable to me. So I choosed one IP for  
the DMZ-device (x.x.x.57), configured outbound NAT for my LAN and  
WLAN and added some filter rules.
 From my LAN or WLAN I can access the servers (x.x.x.58, x.x.x.59,  
x.x.x.60) in the DMZ, but not from outside, even with very simple  
rules not. The servers in the DMZ can access all other computers in  
every local network (and vice versa), as long as I permitted it with  
a rule, but there is no connection to the internet. The hosts in my  
LAN or WLAN can connect to Hosts in the Internet via NAT and my  
single public IP as before.

Where is my problem? Do I have to use 1:1 NAT, because a /29-net is  
not a whole Class C or is there an other mistake I didn´t thought  
about, yet?

bye bye