[ previous ] [ next ] [ threads ]
 
 From:  "jan gestre" <m0n0wall dot list at gmail dot com>
 To:  "Simon SZE-To" <simonchs at gmail dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] setting up a dmz
 Date:  Thu, 16 Mar 2006 17:33:25 +0800
On 3/16/06, Simon SZE-To <simonchs at gmail dot com> wrote:
>
> you don't have to add 1:1 NAT when you're using filtering-bridge DMZ
>
> filtering bridge is not what i have in mind, i want my dmz to be on
> differnet network, e.g. 192.168.2.0/24 and put all my public servers in
> that network, i have enough public ip's to achieve this, suggestions?
>

TIA

On 3/16/06, jan gestre <m0n0wall dot list at gmail dot com> wrote:
> >
> >
> >
> >  On 3/16/06, jan gestre < m0n0wall dot list at gmail dot com> wrote:
> >
> > > i've found the sample documentation with regards to my network setup
> > > and as a follow up question, i only have 2 webservers and one mailserver on
> > > my dmz, do i need to permit select services from DMZ into the LAN?
> > >
> >
> > additional information with regards to my network, i don't have any
> > internal dns server and the  mail and webservers uses the dns forwarding of
> > monowall. i tried to use the 1:1 not because we have multiple public ip's so
> > each server has each own public ip, but when i tried to add a 1:1 NAT i got
> > these error
> >
> > The following input errors were detected:
> >
> >    - The WAN IP address may not be used in a 1:1 rule.
> >
> > what seems to be wrong? pls help, thanks
> >
> >
> >
> >  On 3/16/06, jan gestre < m0n0wall dot list at gmail dot com > wrote:
> > > >
> > > >
> > > >
> > > >  On 3/16/06, Simon SZE-To < simonchs at gmail dot com> wrote:
> > > >
> > > > >  http://doc.m0n0.ch/handbook/examples-filtered-bridge.html
> > > >
> > > > based on the diagram, there is no ip address assigned to the OPT
> > > > interface, what if i have assigned a private ip address to that interface
> > > > e.g. 192.168.2.1 , will the bridge setup still work? is it possible
> > > > to assign a private address 192.168.2.2 e.g. to my mail server but
> > > > in reality it just forwarding it to that ip because the mail server has a
> > > > real public ip e.g. 202.xxx.xxx.xxx, is there a documentation for
> > > > these kind of setup?
> > > >
> > > >  On 3/16/06, jan gestre <m0n0wall dot list at gmail dot com > wrote:
> > > > >
> > > > > i'm trying to setup a dmz on my monowall, i didn't find specific
> > > > > documentation on howto setup a dmz. i have already set this up on
> > > > > my ipcop
> > > > > box, is the approach the same? i want to put our web and
> > > > > mailserver in the
> > > > > dmz of monowall.
> > > > >
> > > > > TIA
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>