Re: [m0n0wall] setting up a dmz

From:	"jan gestre" <m0n0wall dot list at gmail dot com>
To:	"Chris Buechler" <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] setting up a dmz
Date:	Thu, 16 Mar 2006 22:16:01 +0800

On 3/16/06, Chris Buechler <cbuechler at gmail dot com> wrote:
>
> On 3/15/06, jan gestre <m0n0wall dot list at gmail dot com> wrote:
> > based on the diagram, there is no ip address assigned to the OPT
> > interface,
>
> There is no IP on a bridged interface.
>
>
> > what if i have assigned a private ip address to that interface
> > e.g. 192.168.2.1 , will the bridge setup still work?
>
> If you want private IP's off that interface, you don't want bridging.
>
>
> > is it possible to
> > assign a private address 192.168.2.2 e.g. to my mail server but in
> reality
> > it just forwarding it to that ip because the mail server has a real
> public
> > ip e.g. 202.xxx.xxx.xxx, is there a documentation for these kind of
> setup?
> >
>
> Add that public IP in proxy ARP, then set up 1:1 NAT between the
> private and public IP's.
>
> dear chris,


i've added the mailserver's public ip in proxy ARP, then tried to setup 1:1
NAT but i still got the same error which is:

The following input errors were detected:

   - The WAN IP address may not be used in a 1:1 rule.

did i miss something?