|
||||||||||
>1) Do the m0n0walls have default gateway entries? if so, what are >they? The Default Gateway for m0n0#1 is the WAN of m0n0#2 and vice versa Why say it's not a pretty setup? Do you have a better suggestion for allowing server#1 to connect to Server#2 and appear to be coming from 192.168.22.1? :-) Thanks for the reply I'll try what you have suggested. :-) Chris Buechler wrote: >On 11/30/05, Mark Wass <mark dot wass at market dash analyst dot com> wrote: > > >> Sorry Chris, that was a question. Not a statement >> >> >> > >Well, mine was a statement and a question at the same time. :) >Should have read "yes. Did you disable NAT?" > > > > > >> Can I route these private subnets. Take a look at my original email and >>you'll see what I want to do :-) >> >> >> > >yeah, i missed the earlier part of this thread. Is it possible? >Yeah. pretty? absolutely not. But if you absolutely must set it up >this way... > >1) Do the m0n0walls have default gateway entries? if so, what are >they? if you're just routing these private subnets, they aren't >required, but whether or not they're defined and what they're defined >as could have some impact. >2) as depicted in that diagram, the static route on m0n0wall #2 needs >to be on the WAN interface, not LAN as you showed (unless that was a >typo). m0n0 #2 may also need a route on the WAN to 192.168.100.0/24, >depending on the answer to the above. >3) I'd enable outbound NAT on both of them to completely disable NAT >(no rules at all), then I'd probably do a 1:1 mapping between a >192.168.22. IP and server 1's 192.168.3. IP, and add proxy arp on that >.22. IP too. From there, as long as the proper firewall rules are in >place, everything should work. > >-Chris > >--------------------------------------------------------------------- >To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > > > > |