Re: [m0n0wall] 1:1 NAT works ok, but there's a catch?

From:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] 1:1 NAT works ok, but there's a catch?
Date:	Fri, 18 Nov 2005 17:21:54 -0500

On 11/18/05, James W. McKeand <james at mckeand dot biz> wrote:
>
> I don't think you would use Inbound NAT Rules to accomplish this. If you
> wanted to use Inbound NAT Rules you would use Server NAT to list these
> "additional" IPs. The down side would be that the packets coming from
> these servers would have the same IP address (WAN interface IP).
>
> I think you will need to be working in the Firewall Rules area. I'm not
> sure how the rules should be written (what interface, source,
> destination, etc.), maybe someone else will pipe up with an answer...
>

right on.  put in firewall rules on the WAN allowing the traffic from
source port any, destination port 80 (or whatever) to the private IP
of the machine (NAT is applied first, so they're private IP's when
they hit the firewall rules).

-Chris