I have been reading the administrator's manual, familiarising myself with m0n0wall. One question to ensure that I understand correctly...

I have a /28 from my ISP. My router uses one and my m0n0wall will use the other. I want to use the remaining public IPs in the DMZ and do NAT with private IPs in the LAN. After reading this in the documentation: http://doc.m0n0.ch/handbook/faq-bridge.html, if I understand correctly, my machines in the LAN will not be able to access my servers in the DMZ due to a limitation in ipnat and bridging.

So, if I use NAT in the DMZ, but do 1 to 1 mapping (public IP to private IP), will this get around this problem and allow my machines to access servers in the DMZ? Or is what I am trying to do not possible (mixing NAT and public IPs)? If so, could I allocate half of the public IPs to my LAN and the other half to the DMZ to get around this?

Sorry if this is plainly obvious. This is my first foray into a software firewall and I want to be fully read up and understanding what I am doing before I invest the time into setting up the hardware.

TIA for any help/advice!