[ previous ] [ next ] [ threads ]
 
 From:  "dasz" <daszylstra at comcast dot net>
 To:  <tech at adaptive dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Problem setting up DMZ for public IPs
 Date:  Mon, 12 Dec 2005 15:11:23 -0500 
I think this is what you are trying to do:
http://doc.m0n0.ch/handbook/examples-filtered-bridge.html
The picture looks like it's what you described below . . . . . (Colo's
router would be your Internet router) . . . .

Monowall WAN interface would be 123.123.123.2/24  DMZ would be
123.123.123.3-254/24

Just keep in mind that if you have PCs on the LAN connection they won't be
able to access the public IPs in the DMZ (according to the directions) . . .
.

Of course I'm a NOOB to the DMZ config of Monowall . . . . my main use is
IPSEC, which runs awesome, by the way . . . .

David Z


-----Original Message-----
From: tech at adaptive dot net [mailto:tech at adaptive dot net]
Sent: Monday, December 12, 2005 2:55 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Problem setting up DMZ for public IPs


But how?

i cant change routing, and only have the one class-c.


~~~~~~~~~~~~~


----- Original Message -----
From: "Paul Taylor" <PaulTaylor at winn dash dixie dot com>
To: <tech at adaptive dot net>; <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, December 12, 2005 1:45 PM
Subject: RE: [m0n0wall] Problem setting up DMZ for public IPs


>
> Generally, you'd want to set it up so that you have a very small address
> range to have on your WAN segment.. Then, have your full class C on the
> DMZ
> side...
>
> -----Original Message-----
> From: tech at adaptive dot net [mailto:tech at adaptive dot net]
> Sent: Monday, December 12, 2005 1:41 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Problem setting up DMZ for public IPs
>
> I've got a full Class C that i'm trying to put a monowall firewall (Pc CD)
> in front of, lets call my network class c: 123.123.123.0/24
>
> - i've got 3 NICs setup as WAN LAN DMZ
> - lets call my router 123.123.123.1 connected to WAN
> - my monowall 123.123.123.2
> - my network layer 2 switch connected to DMZ port
> - all my servers i want to have as public IP addresses.
> - and my servers are 123.123.123.3- 123.123.123.254
> - all on a /24 mask
> - for simplicity, lets say only ports 80 to pass through
>
> how in the world do i set up my DMZ to allow it to have public IPs on it?
> i cant figure out whether to use bridging, static routes, NAT, 1:1 NAT,
> etc
>
> the other confusion i have, is what is the difference between the WAN LAN
> DMZ tabs on the web Rules GUI vs the WAN LAN DMZ "source" drop down menu.
> seems like an oxymoron that i can define a DMZ rule but specify the LAN
> port
>
> as the source.
>
> thanks from a firewall n00b
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.371 / Virus Database: 267.13.13/198 - Release Date:
> 12/12/2005
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch