How should I proceed? DMZ over a different WAN

From:	"David Sabo" <dsabo at valeven dot com>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	How should I proceed? DMZ over a different WAN
Date:	Sat, 17 Jun 2006 01:26:54 -0400

Hello,

 

            I need some advice on the configuration that I'll describe
below; I don't know exactly how I should proceed.

 

            Here's my scenario:

                                                       200.45.X.65 Public IP
200.45.X.64 Public IP

                                                            OPT1
--------------------------- Router ---------------------- Internet 

                                      DHCP               |

      Internet ----- WAN DSL---- m0n0wall 

                                                   _______|______   

                                                   |                      |

                                                LAN                 DMZ

192.168.1.1             192.168.2.0

 

1.       WAN Interface: DSL DHCP

2.       LAN: Private Subnet

3.       DMZ: Private Subnet with one web servers so far.

4.       OPT1: Public IP of a second WAN

 

What I need:

 

a.       DMZ will have one or two Web Servers.

b.      The Web Servers on the DMZ connects to SQL Server on LAN.

c.       LAN clients need to use WAN DSL connection through internet.

d.      DMZ servers need to be connected through static public IP Second WAN
(OPT1), as a separate outgoing connection.

 

How should I setup the m0n0wall for this configuration to work?

 

Should I necessary add another m0n0wall for the second static public IP WAN?
If I need a new box, how I should I setup the connection from DMZ to LAN?

 

Could I use the same subnet on LAN and DMZ, so DMZ server could be in the
windows domain?

 

Thank you very much for your help.

 

Best Regards,

 

            David S