[ previous ] [ next ] [ threads ]
 
 From:  Paul Taylor <PaulTaylor at winn dash dixie dot com>
 To:  tech at adaptive dot net, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Problem setting up DMZ for public IPs
 Date:  Mon, 12 Dec 2005 13:45:20 -0500
Generally, you'd want to set it up so that you have a very small address
range to have on your WAN segment.. Then, have your full class C on the DMZ
side...

-----Original Message-----
From: tech at adaptive dot net [mailto:tech at adaptive dot net] 
Sent: Monday, December 12, 2005 1:41 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Problem setting up DMZ for public IPs

I've got a full Class C that i'm trying to put a monowall firewall (Pc CD) 
in front of, lets call my network class c: 123.123.123.0/24

- i've got 3 NICs setup as WAN LAN DMZ
- lets call my router 123.123.123.1 connected to WAN
- my monowall 123.123.123.2
- my network layer 2 switch connected to DMZ port
- all my servers i want to have as public IP addresses.
- and my servers are 123.123.123.3- 123.123.123.254
- all on a /24 mask
- for simplicity, lets say only ports 80 to pass through

how in the world do i set up my DMZ to allow it to have public IPs on it?
i cant figure out whether to use bridging, static routes, NAT, 1:1 NAT, etc

the other confusion i have, is what is the difference between the WAN LAN 
DMZ tabs on the web Rules GUI vs the WAN LAN DMZ "source" drop down menu. 
seems like an oxymoron that i can define a DMZ rule but specify the LAN port

as the source.

thanks from a firewall n00b 


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch