[ previous ] [ next ] [ threads ]
 
 From:  Daniele Dorelli <danix at interazioni dot it>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  problem going out from my dmz
 Date:  Thu, 16 Mar 2006 13:09:55 +0100 
Hello there,
I have a problem going out from my dmz area with services.

I have three interfaces, WAN, LAN and OPT1.
By now the rules permit traffic from all ports of any address to any 
address.

I enabled advanced outboud nat.
I enabled proxy ARP and created a simple rule on WAN (100.100.100.208/28).

OPT1 address is 100.100.100.208/28.

My machine address is 100.100.100.209/28.

It's default gateway is 100.100.100.208.

But it doesn't work, it doesn't reply to pings and anything else.

If I change the default router to 192.168.201.1 (the private address of 
m0n0wall on the LAN side) it works.

But I don't want that traffic come IN from OPT1 interface and goes out 
from LAN interface, it makes no sense.

Is there something I did wrong?
How can I use only one interface for the traffic to and from my DMZ?

Thanks a lot in advance for any useful suggestions.
-- 
Daniele Dorelli - www.interazioni.it
Via Appia Nuova, 103 - 00183 Roma
Tel. +39 06 77.20.37.04 - Fax +39 06 77.26.00.35