|
||||||||||
1:1 NAT probably wont work well unless you have 4 external IPs. (1 for each server you wish to use) set up ServerNAT entries in monowall, and use the Inbound NAT to redirect the ports you want, to the servers you want. Allow it to auto-allocate the rules. thats how I've done it anyway - although I have multiple external IPs, and I still prefer to use InboundNAT over 1:1 NAT purely for the flexibility (and correct me if I'm wrong, but it makes the firewall rules+NAT rule a bit more readable). 1:1 NAT only makes sense to me if you really need the internal/protected server to think it really is on the internet. Most of the time, I think this is not the case people want. ... and posting the same question twice in two days wont win you too many friends on any mailing list I'm aware of.. //chris On Wednesday 27 September 2006 14:51, xocer wrote: > Hi everybody! > > Before start, sorry for my bad english. And I admit Spanish responses ;) > > Well, I'm looking for a DMZ config where I've four servers. In > m0n0wall have three inrefaces, WAN, LAN and DMZ. By WAN come a > x.x.x.x/24 and in example > http://doc.m0n0.ch/handbook/examples.html#id2603650 I can redirect > with nat 1:1 a public ip to a DMZ ip > > after can I filter packets with firewall rules by port? or all traffic > is direct to de lan ip in DMZ interface in 1:1 nat? > > what example is better for my. The lastest URL or this: > http://doc.m0n0.ch/handbook/examples-filtered-bridge.html. I've the > wan interface conected to a LMDS bridge. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch -- Chris Hoy Poy System Administrator DownUnder GeoSolutions http://www.dugeo.com |