[ previous ] [ next ] [ threads ]
 From:  Thomas Biedorf <tom at startmovie dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] How to route "real" IPs from WAN to DMZ?
 Date:  Tue, 22 Jul 2003 15:16:10 +0200
Christiaens Joachim wrote:

> For EXAMPLE, use a subnet on your WAN side
> - for your ISP's router
> - for your m0n0-WAN
> - ( = network addr, = broadcast)
> and use a subnet for your DMZ
> - for your m0n0-DMZ
> - - for your servers
> - ( = network addr, = broadcast)
> you'll have to redefine your routes in the ISP's router for it to work,
> because it needs to push traffic for the DMZ-servers to the m0n0wall, 
> on the
> other subnet...

Ok, I understand. But I don't have the possibility to change the 
routing tables on the ISPs router :-(
The router is connected directly to the WAN interface of m0n0wall. 
Isn't there any chance to do it?
And the heck, no, I don't want to redefine all IPs of our Servers to do 
a NAT. ;-)

What I don't get is: The ISP router serves all IPs to m0n0wall. Why 
can't m0n0wall decide, where to route the remaining IPs (since m0m0wall 
needs two of them)? Would it work if I define the m0n0wall IP of the 
DMZ on our servers as a gateway?
Maybe there are some more ideas out there? Ok, I am not really an 
IP-guru, please forgive my ignorance!

BTW: Thanks Christiaens!

Kind regards,