 From:  Claudio Castro <ccastro at unr dot edu dot ar>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  NATed mail server HELP!
 Date:  Tue, 01 Nov 2005 13:53:18 -0300
Hi guys, I will go straight to my problem...
I have this topology:

router------HUB-----Mail server(With a public IP 2.0.0.2)
                      |______(Gateway)LAN
                  
And I want this one:

Router-----(2.0.0.3 public)m0n0wall-----Mail Server (With a private IP 10.1.1.2)
                         |________(gateway)LAN

I put the mail server in a DMZ. The DMZ interface of m0n0wall has the
IP 10.1.1.1, the mail server's IP is 10.1.1.2, and its gateway is 10.1.1.1.
Then I defined a rule on the DMZ interface to let the DMZ net access
everywhere except the LAN.
Then I defined a 1:1 NAT on the WAN interface: in external subnet I put
2.0.0.2/32 (public IP of the former mail server), in internal subnet I
put 10.1.1.2 (identical to the online documentation).
How should the ARP proxy be configured?
But nothing is working... From the mail server I ping
10.1.1.1 and it says unreachable... the same from the m0n0wall DMZ
interface to the mail server. The mail server doesn't have a firewall... I
did /etc/ini.d/iptables stop
The mail server is in production... so I don't have much time to make
changes...
So... what am I missing??? I'm going crazy...
The mail server seems to have no connection to anywhere...
What about the outbound NAT? Do I have to set something there?


Last thing... the router would have in its ARP table the MAC of the mail
server corresponding to the public IP 2.0.0.2, but now that IP
corresponds to the interface of the m0n0... how do I deal with that?

Thanks a lot... and sorry for my English...