 From:  Harley Ice <joe at siennaridge dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  1:1 rule config
 Date:  Fri, 5 Aug 2005 13:46:08 -0400
Setup:

2 NICs, 1 on WAN, 1 on LAN

LAN is in the 192.168.9.x range

I have set up 1:1 maps for about 12 of my 20 IPs

such as

2.0.0.50  -> 192.168.9.50
2.0.0.51  -> 192.168.9.51
...
2.0.0.59  -> 192.168.9.59


I also created RULES such as this on the WAN INTERFACE:

Proto  Source  Port        Destination   Port        Description
TCP    *       25 (SMTP)   192.168.9.50  25 (SMTP)   Server - SMTP IN
TCP    *       110 (POP3)  192.168.9.50  110 (POP3)  Server - POP3 in
TCP    *       143 (IMAP)  192.168.9.50  143 (IMAP)  Server - IMAP in
UDP    *       53 (DNS)    192.168.9.51  53 (DNS)    DNS inbound
UDP    *       53 (DNS)    192.168.9.52  53 (DNS)    DNS inbound
TCP    *       80 (HTTP)   192.168.9.53  *           WS01 HTTP in
TCP    *       80 (HTTP)   192.168.9.54  *           WS01 HTTP in
TCP    *       80 (HTTP)   192.168.9.54  *           WS01 HTTPS in
  
Here is my LAN INTERFACE:

Proto  Source   Port  Destination  Port  Description
*      LAN net  *     *            *     Default LAN -> any

  
==

The problem is that when my remote tester tries to access any of the machines behind the firewall,
they are unable to do so.

=
Beyond setting up the 1:1 and FIREWALL RULES on the WAN INTERFACE, what do I have to do???

I read this document http://m0n0.ch/wall/docbook/examples.html#id2598130
but it covers a 3 NIC setup, not a 2 NIC setup.

I can browse outbound from the servers, so connectivity is not an issue.

Please offer advice!

Thanks!