 From:  Don Munyak <don dot munyak at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch, ccastro at unr dot edu dot ar
 Subject:  Fwd: [m0n0wall] NATed mail server HELP!
 Date:  Tue, 1 Nov 2005 12:35:08 -0500

Proxy ARP

I used:
Interface: WAN
Network: Range
and then used the range of public IPs.

In your case, use single host and add the public IP for your mail
server. The 1:1 NAT will redirect all incoming packets for your public
IP to the DMZ IP. Then you will need to create firewall rules in the
DMZ tab for the mail server.

You may need to reboot the router to clear the ARP cache.

-Don

---------- Forwarded message ----------
From: Claudio Castro <ccastro at unr dot edu dot ar>
Date: Nov 1, 2005 11:53 AM
Subject: [m0n0wall] NATed mail server HELP!
To: m0n0wall at lists dot m0n0 dot ch


Hi guys, I will go straight to my problem...
I have this topology:

router------HUB-----Mail server(With a public IP 2.0.0.2)
                      |______(Gateway)LAN

And I want this one:

Router-----(2.0.0.3 public)m0n0wall-----Mail Server (With a private IP 10.1.1.2)
                         |________(gateway)LAN

I put the mail server in a DMZ. The DMZ interface of m0n0wall has the
IP 10.1.1.1, and the mail server IP is 10.1.1.2 with the gateway 10.1.1.1.
Then I define a rule in the DMZ interface to let the DMZ net access
everywhere except the LAN.
Then I define a 1:1 NAT in the WAN interface. In external subnet I put
2.0.0.2/32 (public IP of the former mail server), in internal subnet I
put 10.1.1.2 (identical to the online documentation).
How should the proxy ARP be configured?
But nothing is working... From the mail server, I ping
10.1.1.1 and it says unreachable; the same from the m0n0wall DMZ
interface to the mail server. The mail server doesn't have a firewall... I
did /etc/ini.d/iptables stop
The mail server is in production, so I don't have much time to make
changes...
So, what am I missing??? I'm going crazy...
The mail server seems to have no connection to anywhere...
What about the outbound NAT? Do I have to set something there?


Last thing... the router would have in its ARP table the MAC of the mail
server corresponding to the public IP 2.0.0.2, but now that IP
corresponds to the interface of the m0n0. How do I deal with that?

Thanks a lot, and sorry for my English...
