[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Can't Ping DMZ from LAN
 Date:  Fri, 6 Jan 2006 01:27:25 -0500 
On 1/6/06, Tim Cary <TDC at yesinc dot com> wrote:
>
> I have an entire block of IP addresses assigned to me by my ISP, for my
> use,
> they provide a default gateway and routing for the public IP addresses.
>  My
> intent for the M0n0Wall was to use as a router for my LAN (providing a
> firewall and NAT private lan), and the third interface as a DMZ port
> bridged
> with the WAN port

Unfortunately, that's not possible.
http://doc.m0n0.ch/handbook/faq-bridge.html

If you don't need public IP's directly on the DMZ systems, you could
use 1:1 NAT with a private IP subnet on the DMZ.  Or you could use a
second firewall for just the bridging.  Or if you could get your ISP
to route that public IP block to you, you could put that public IP
block as your DMZ including one of the IP's on m0n0wall's DMZ
interface.

-Chris