 From:  Mark Wass <mark dot wass at market dash analyst dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  NAT and Routed IP's
 Date:  Fri, 12 May 2006 09:30:04 +1000
Hi All

Just thought I'd post again on this subject. See if I can get some fresh 
eyes on it.

*Scenario*
I have 2 mail servers: 1 in my LAN, which is NATed from my WAN, and 
another mail server in my DMZ on a public IP that is routed to my WAN IP.

My DMZ is on a /27 public network, my WAN IP is a /30 Public IP.

*The Problem*
When I am NATing port 25 to my LAN mail server, all connections that 
are made to my mail server on the routed public IP (port 25) bypass my 
DMZ mail server and go to the NATed LAN mail server.

It appears that m0n0 is totally ignoring my routed network and doing the 
NAT as soon as the packet hits the WAN.

This problem is true for any services you NAT, e.g. Web (port 80).

The DMZ *_is_* routing correctly; I have other services on other 
servers that are working fine.

I can successfully telnet to port 25 on the DMZ mail server if I am 
doing it from a PC on the LAN.

Why is m0n0wall doing NAT when I'm trying to establish a connection to a 
server on the routed DMZ?

Thanks

Mark