Christiaens Joachim wrote:
> For EXAMPLE, use a 22.214.171.124/27 subnet on your WAN side
> - 126.96.36.199/27 for your ISP's router
> - 188.8.131.52/27 for your m0n0-WAN
> - (184.108.40.206 = network addr, 220.127.116.11 = broadcast)
> and use a 18.104.22.168/27 subnet for your DMZ
> - 22.214.171.124/27 for your m0n0-DMZ
> - 126.96.36.199/27 - 188.8.131.52/27 for your servers
> - (184.108.40.206 = network addr, 220.127.116.11 = broadcast)
> you'll have to redefine your routes in the ISP's router for it to work,
> because it needs to push traffic for the DMZ-servers to the m0n0wall,
> on the
> other subnet...
Ok, I understand. But I don't have the possibility to change the
routing tables on the ISPs router :-(
The router is connected directly to the WAN interface of m0n0wall.
Isn't there any chance to do it?
And the heck, no, I don't want to redefine all IPs of our Servers to do
a NAT. ;-)
What I don't get is: The ISP router serves all IPs to m0n0wall. Why
can't m0n0wall decide, where to route the remaining IPs (since m0m0wall
needs two of them)? Would it work if I define the m0n0wall IP of the
DMZ on our servers as a gateway?
Maybe there are some more ideas out there? Ok, I am not really an
IP-guru, please forgive my ignorance!
BTW: Thanks Christiaens!