Re: [m0n0wall] Private on LAN, Public on DMZ

From:	"RP Smith" <rpsmith at hotmail dot com>
To:	m0n0 at dana dot org dot uk
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Private on LAN, Public on DMZ
Date:	Mon, 27 Feb 2006 19:53:00 -0600

You may want to check out one of my previous posts on this subject:

http://m0n0.ch/wall/list/showmsg.php?id=173/85
http://m0n0.ch/wall/list/showmsg.php?id=235/74

You can have OPT1 bridged to WAN _and_ still access OPT1 from LAN - the
secret is to use advanced NAT.  I'm using it that way now!  And you
don't waste any IP addresses, either.

--
Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk
----------------------------------

Neil,

I tried your advanced NAT rule but so far no luck.  I'm a little confused as 
to the correct net mask to use for the rule.  How do I determine the correct 
mask?  Also, the main problem I'm having right now is that as soon as I 
bridge my DMZ to my WAN, I can no longer reach the Internet from my NATed 
LAN hosts.  If it matters, the DMZ interface I'm trying to bridge to my WAN 
is actually my Optional 2 interface.  My Optional 1 interface is a NATed 
192... network.

Thanks for the help Neil.

Roy...