Hello List,

First I must commend Manuel for a great product - this is just what I had been looking for, and combined with a Soekris, it is a wonderful, cost-effective solution.

Now on to my problem - the summary is that I can't access (ping, ssh, etc.) hosts in what I call the DMZ zone (the OPT1 interface) from LAN clients. I have browsed the archives, but not come up with anything that works for me.

I am using the Net 45xx platform. I have an entire block of IP addresses assigned to me by my ISP, for my use; they provide a default gateway and routing for the public IP addresses. My intent for the M0n0Wall was to use it as a router for my LAN (providing a firewall and NAT private LAN), and the third interface as a DMZ port bridged with the WAN port, which goes into my switch, where other public hosts are plugged in. The reason for the bridged interface was so I can shape ALL traffic coming into my Internet link - not just the traffic for LAN clients.

Graphically:

T-1 from ISP, full subnet, 27 IP Addresses ===> WAN PORT
NAT LAN Clients (private IPs) =========> LAN PORT
Ethernet Switch where other Public IP hosts are ===> Opt1 port
OPT1 is bridged with WAN

I want to reach hosts on OPT1 from LAN, and it won't work. I have tried allowing all traffic for DMZ with no success. The log still reports traffic blocked FROM the host in DMZ (OPT1).

I can provide parts of my config, please let me know what parts - too much to paste all here.

Thank you!