On 2/14/06, Miguel Dilaj <nekromancer at lycos dot com> wrote:
> Thanks for your answer and the document, Jonathan.
> Regrettably, this is more or less what I have at the moment. The only difference is that instead of
> being too permissive allowing all traffic to/from OPT1, I'm allowing traffic to port 443 of a single
> server (outgoing traffic is a bit more permissive).
> I'm NAT'ing the private network, and I'm using "advanced outbound NAT".
Take a look at http://doc.m0n0.ch/handbook/examples.html
"14.1. Configuring a DMZ Interface Using NAT" is probably what you are
looking for. I think that you will mess things up if you use "advanced