 From:  NERD341 at softhome dot net
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  DMZ Issues for the 400th Time
 Date:  Wed, 19 Apr 2006 20:32:57 -0600
I have been reading the M0n0Wall mailing list for some time and still can't 
find a fix for my problem; I am trying to set up a DMZ.  I know this has been 
asked a million times but I must be missing something and would appreciate a 
hand.  Here is a little backstory on my network.  I have a Generic-PC setup 
(P3 with a 4 gig HD, 512 MB of RAM) with 5 network cards.  I have 5 static IP 
<X.X.X.154-158> addresses I would like to use for servers.  I currently have 
my servers on the outside of my firewall to be operational. 

Here is my network diagram. 

WAN (X.X.X.154)
  <DHCP - PCs and Other IP Random Stuff)
   <> - Server 1 (WWW1 and Mail) (X.X.X.155)
   <> - Server 2 (WWW2) (X.X.X.156)
   <> - Server 3 (Dev) (X.X.X.157)
   <> - Server 4 (Other) (X.X.X.158)
   <DHCP  Private Wireless>
    <DHCP  Public Wireless> 

I have PROXY ARP set up to listen for IP X.X.X.155-158.  I have captive 
portal active on WLAN_PUBLIC and Outbound NAT set up for LAN, WLAN, and 
WLAN_PUBLIC.  1:1 NAT is set up to the above config. 

Now this is where I get a little confused.  Which interface do I need to 
set the rules up on to allow traffic to my servers?  I have been testing 
this by allowing HTTP to Server 1, Rule Like TCP | * | 80 || 
80 on the DMZ interface.  Is this RIGHT?  I am unable to access the server 
by using the IP .154.  I did add a rule of  TCP | * | * |  X.X.X.154 | 8080 
so I could remote admin the firewall for testing and this works fine. 

Any help on getting this working would be greatly appreciated.