[ previous ] [ next ] [ threads ]
 
 From:  Peter van Eck <peter at vaneckonline dot net>
 To:  Christoph hanle <christoph dot hanle at leinpfad dot de>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DMZ static route
 Date:  Thu, 09 Mar 2006 15:39:22 +0100
Thanks for the advise Christophe...

So is the only reason of setting this up as I described the 2 firewalls 
NATing as you mentioned ?

Have you got more details on that ?

thanks,

Peter

Christoph hanle wrote:

>----- original Nachricht --------
>
>Betreff: [m0n0wall] DMZ static route

>Von: "Peter van Eck" <peter at vaneckonline dot net>
>
>  
>
>>Hi,
>>
>>I've got m0n0wall 1.21 on a  3 interface soekris 4801.
>>
>>What I would like/need is to create DMZ zone. currently I've got
>>a wired LAN , Wireless LAN and the WAN interface configured in M0n0wall.
>>
>>Is it advisable to create the DMZ in the Wired LAN behind a 2nd 
>>router/firewall using static routes in M0n0wall ?
>>    
>>
>No.
>It is possible, but not advisable.
>If  you don't have the possibility to use a router with four interfaces WAN/ Wireless / DMZ and Lan
and you have to use two routers do following:
>Wan-side use a firewall with two interfaces (WAN and DMZ) and on LAN-side use a Firewall with three
interfaces (DMZ / wireless and LAN).
>always with two Firewall nating etc. is tricky but possible.
>bye
>Christoph
>
>  
>
>>the DMZ will have mail /web server /DNS servers open for public as well  
>>as being accessed by  the LANS for imap/smtp  and squid outgoing proxy...
>>
>>thanks,
>>
>>Peter
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>    
>>
>
>--- original Nachricht Ende ----
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>  
>