[ previous ] [ next ] [ threads ]
 
 From:  "fisch" <fisch at conne dash island dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Cc:  "Christiaens Joachim" <jchristi at oce dot be>, "'mk1 at neon1 dot net'" <mk1 at neon1 dot net>
 Subject:  RE: [m0n0wall] WAN -> DMZ what is wrong?
 Date:  Fri, 23 Jan 2004 18:05:44 +0100 (CET) 
fisch sagte:
> On Fri, 2004-01-23 at 11:21, Christiaens Joachim wrote:
>> > -----Original Message-----
>> > From: fisch [mailto:fisch at conne dash island dot de]
>>
>> > rl0 -> LAN (192.168.0.1)
>> > rl1 -> OPT1 (10.10.0.1)   [DMZ]
>> > rl2 -> WAN (172.16.0.200, it's a privat IP because of testing)
>> >
>> > - I enabled, that privat IP's can connect to m0n0
>> > - 1:1 NAT external 172.16.0.200, internal 10.10.0.2
>>
>> huh? 1:1 NAT for the WAN address? That messes up my m0n0wall (pb19), I
>> even
>> think this should be avoided (maybe make it impossible, Manuel?)
>>
>> >
>> > but I can't connect to webserver at 10.10.0.2 (via crossover at rl1)
>> >
>> > what's wrong?
>> > do I realy need 1:1 NAT to access an webserver in OPT1, or
>> > only Inbound NAT?
>>
>> Inbound NAT for port 80 should do fine (and maybe 443)
>>
>
> yes it works fine :)

but it only works with one WAN-IP, but I have 30 WAN-IP's :(

how to setup something link this (faked addresses):
WAN-IP             OPT1-IP
162.1.2.3:80  ->   192.168.1.3:80
162.1.2.3:22  ->   192.168.1.3:22
162.1.2.4:80  ->   192.168.1.4:80
162.1.2.5:80  ->   192.168.1.5:80

can anyone help?

>> Regards,
>> Joachim
>>
>
--
fisch <fisch at conne dash island dot de>