[ previous ] [ next ] [ threads ]
 
 From:  "James McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] MonoWall behind MonoWall
 Date:  Mon, 5 Sep 2005 10:22:15 -0500
Mark Wass wrote:
> Hello All
> 
> I am installing MonoWall as in the following configuration.
> 
  
  Internet--->[WAN] MW1 [LAN]--->[WAN] MW2 [LAN]---> LAN 192.168.0.1 
                                      |
                                      |
                                      V
                                     Web Server  
> 
> The Web Server has a real world IP
> 
> MonoWall1 has a real world IP on both WAN and LAN
> 
> MonoWall2 has a real world IP on the WAN
> 
> My question is, do I have to set-up NAT rules (and resultant firewall
> rules) on MonoWall1 to access services on the Web server. 

With If you want any thing to pass MW1 you will have to set rules.
 
> Can I turn NAT off? altogether on MonoWall1

Yes, Advanced Outbound NAT enabled with no rules defined

> I also have services running in the 192.168.0.1 network, port
> forwarding rules on MonoWall2 allow these services through. If I want
> to allow access to these service from the internet do I port foward
> on MonoWall1 and set the destination to be the WAN on MonoWall2?   

What is the purpose of two m0n0walls? Would a single m0n0wall with an
OPT1 interface (i.e. third NIC) bridged to WAN serve the same purpose? 

_________________________________
James W. McKeand

P.s. I took liberties with your graphic to fix wrapping issues - did I
mess it up?