Re: [m0n0wall] Problem with public IP address in internal network

From:	sai <sonicsai at gmail dot com>
To:	Miguel Dilaj <nekromancer at lycos dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Problem with public IP address in internal network
Date:	Fri, 17 Feb 2006 10:47:15 +0500

On 2/14/06, Miguel Dilaj <nekromancer at lycos dot com> wrote:
> Thanks for your answer and the document Jonathan.
>
> Regretably, this is more or less what I have at the moment. The only difference is that instead of
being too permisive allowing all traffic to/from OPT1, I'm allowing traffic to port 443 of a single
server (outgoing traffic is a bit more permissive).
>
> I'm NAT'ing the private network, and I'm using "advanced outbound NAT".
>

Take a look at http://doc.m0n0.ch/handbook/examples.html

"14.1. Configuring a DMZ Interface Using NAT" is probably what you are
looking for. I think that you will mess things up if you use "advanced
outbound NAT".

sai