Re: [m0n0wall] Connect to DMZ from LAN through WAN

From:	"Alberto (Warfox) De Boni" <warfox at neobe dot it>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Connect to DMZ from LAN through WAN
Date:	Fri, 10 Feb 2006 10:39:11 +0100

I saw that FAQ, the real difference is that i don't use NAT.
I've got 16 public IP, and the server in DMZ have their own public ip 
address.

Server1
Server2------|
             DMZ
             |
             [Monowall]---WAN----
             |
             LAN
             |
Office--------

DMZ is not NATTED, it's bridged with WAN interface. For some reasons, i 
can't tell to Office's PC to access Servers with a direct accesso 
LAN-DMZ. When i try to access i.e. Server1, the packet will go to 
internet using WAN publi IP and go back to DMZ Server1 public ip.. At 
this point monowall accept connection, but when server1 try to send a 
packet back to WAN public Ip monowall stops it.

09:38:35.229624 	DMZ <?if=DMZ> 	62.2.231.xx, port 25 <?sp=25> 
62.2.231.xx, port 59105 <?dp=59105> 	TCP <?pr=TCP>


The first ip is Server1 Ip address. The second one is WAN public ip.

Thanks,

Daniel Solsona ha scritto:
> Probably here is the answer if I've understood you
>
> http://doc.m0n0.ch/handbook/faq-lannat.html
>
>
> 2006/2/10, Alberto (Warfox) De Boni <warfox at neobe dot it>: