[ previous ] [ next ] [ threads ]
 
 From:  Bart Smit <bit at signature dot nl>
 To:  Thomas Biedorf <tom at startmovie dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] How to route "real" IPs from WAN to DMZ?
 Date:  Tue, 22 Jul 2003 15:37:04 +0200 (CEST) 
On Tue, 22 Jul 2003, Thomas Biedorf wrote:

> What I don't get is: The ISP router serves all IPs to m0n0wall. Why
> can't m0n0wall decide, where to route the remaining IPs (since m0m0wall
> needs two of them)? Would it work if I define the m0n0wall IP of the
> DMZ on our servers as a gateway?

So you have a network with a bunch of servers and you want to pop in
m0n0wall and put the servers behind it in the DMZ without having to change
anything on your uplink (since you don't have access to the router).
Right?

If that is your problem, in my opinion the cleanest and easiest solution
for your problem is having m0n0wall do proxy-arp on the WAN interface for
whatever is in the DMZ. m0n0wall cannot do this right now. Perhaps someone
feels up to the task of implementing it? ;-)

--B