On 9/29/05, Mark Wass <mark dot wass at market dash analyst dot com> wrote:
> I have enabled "Advanced Outbound NAT" and not put any rules in.
>
> I don't quite understand what enabling this does can you explain?
>
Working on the docs, wrote this as a quick and dirty outbound NAT
write up. I'll be improving it, but see if this answers your
question.

By default, m0n0wall automatically adds NAT rules to all interfaces
to NAT your internal hosts to your WAN IP address for outbound traffic.
The only exception is for any hosts for which you have configured 1:1 NAT
entries. Therefore, if you are using public IP addresses on any of the
interfaces behind your m0n0wall (with the exception of bridged interfaces)
you need to change m0n0wall's default NAT behavior by enabling advanced
outbound NAT.

If you are using public IP addresses on all the interfaces behind
your m0n0wall, check the "Enable advanced outbound NAT" box
and click Save. Now nothing will be NAT'ed by m0n0wall.

If you have a public IP subnet off one of your interfaces behind m0n0wall
and a private IP subnet behind another interface, you will need to enter your
own NAT mappings on this screen. For example, if you have a LAN subnet of
192.168.1.0/24 and a DMZ subnet with public IP addresses, you will need to
enable advanced outbound NAT, and click the plus at the bottom of this tab
to add a NAT mapping for your LAN network. For this scenario, you will
want to add a rule for interface WAN, source 192.168.1.0/24, destination
any, target box blank, and enter a description of your choosing.
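
An added example, not part of the original email and not m0n0wall code: a small Python model of the behaviour described above that flags private subnets left without a mapping once advanced outbound NAT is enabled, and public subnets that would still be NAT'ed. The function name, result labels and the sample DMZ range are assumptions made for illustration; 1:1 NAT entries and bridged interfaces are not modelled.

```python
import ipaddress

# RFC 1918 private ranges; anything else is treated as publicly routable here.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def audit_outbound_nat(interfaces, advanced_enabled, mappings=()):
    """Model the outbound NAT behaviour described above and flag mismatches.

    interfaces: {name: CIDR} of non-bridged subnets behind the firewall.
    mappings:   source CIDRs of manual outbound NAT mappings on WAN.
    Returns {name: "ok" | "unmapped-private" | "natted-public"}.
    """
    rule_nets = [ipaddress.ip_network(m) for m in mappings]
    result = {}
    for name, cidr in interfaces.items():
        net = ipaddress.ip_network(cidr)
        private = any(net.subnet_of(r) for r in RFC1918)
        if advanced_enabled:
            # Advanced mode: only subnets covered by a manual mapping are NAT'ed.
            natted = any(net.subnet_of(r) for r in rule_nets)
        else:
            # Default mode: automatic rules NAT every interface to the WAN IP.
            natted = True
        if private and not natted:
            result[name] = "unmapped-private"   # leaves WAN with an RFC 1918 source
        elif not private and natted:
            result[name] = "natted-public"      # public hosts hidden behind WAN IP
        else:
            result[name] = "ok"
    return result


# Constructed sample: the LAN from the example above plus a DMZ on a
# documentation range (203.0.113.0/24) standing in for real public addresses.
SAMPLE = {"LAN": "192.168.1.0/24", "DMZ": "203.0.113.0/24"}

if __name__ == "__main__":
    for label, adv, maps in [("default", False, ()),
                             ("advanced, no mappings", True, ()),
                             ("advanced, LAN mapped", True, ("192.168.1.0/24",))]:
        print(label, audit_outbound_nat(SAMPLE, adv, maps))
```

The "advanced, no mappings" case is the configuration from the question: the LAN is reported as unmapped until the WAN mapping for 192.168.1.0/24 is added.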