[ previous ] [ next ] [ threads ]
 From:  Ugo Bellavance <ugob at camo dash route dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: newbie question
 Date:  Wed, 31 Aug 2005 14:15:14 -0400
Chris Marcellin wrote:
> Hi all;
> i have a question which i'm sure has been asked a million times, however, i
> haver thoroughly searched the mailing list for answers, and it sort of has
> been answered, but, i just want to clarify, if that's ok
> to start, i have a static ip coming in from my ISP, and i'm using PPPoE, as
> well, i also have a subnet /30 coming in, but, on a different subnet, for
> example:
> 205.x.137.117 : static ip address for the wan link
> 205.x.140.116 /30, my subnet
> what i would like to do is this:
> have a DNS which is using a public domain name example.com, web and mail
> server and clients
> after doing some research on monowall's maillist, i think i have come to the
> conclusion that the best solution is a dmz which will have the DNS, mail and
> web servers, and the lan hosting my clients

I agree.

> if you agree, please tell me so, or arguements
> my next question is this:
> if you agree on the dmz, should i use 1:1 nat for my servers

If you have enough IP addresses, i think this would be the best thing.

> , and i guess
> that i would have to also do port forwarding for 80, 25, 110, 443, 53, 22
> right?

If 1-to-1 NAT, only firewall rules.

> or firewall rules, or both (sorry, for asking so many questions) i
> hope that i have explained my situation well enough, if not please tell me
> if i'm missing something
> Thanx
> Chris Marcellin


-> Please don't send a copy of your reply by e-mail.  I read the list.
-> Please avoid top-posting, long signatures and HTML, and cut the
irrelevant parts in your replies.