[ previous ] [ next ] [ threads ]
 
 From:  "rlpumphrey at comcast dot net" <rlpumphrey at comcast dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  the meaning of FAQ 16.3
 Date:  Tue, 16 Jan 2007 20:31:40 -0700
16.3. Why isn't it possible to access NATed 
services by the public IP address from 
LAN?
Problem. It is not possible to access NATed services using the public (WAN) IP 
address from within LAN 


I have Cisco 1700 router with a subnet of public addresses.  I want to put 
monowall behind the Cisco router with My LAN behind monowall.  On  My LAN 
I have a number of servers (e.g. web, ftp, email) all with  wan on a subnet that the 
monowall WAN is setting on.  Then the monowall box is NATing those addresses 
to My LAN.

Internet ------Cisco  1700 ----- monowall ---- My main LAN---- webserver etc.

With this setup if I ping My URL www.mywebserver.com from My LAN side 
computer, I get returned the ipaddress that the Cisco router is NATing to, not the 
My internal LAN ipaddress.  

So is this correct. This is  what this FAQ is tring to tell me, and  I need to setup 
My LAN side DNS server to resolve things like www.mywebserver.com or  use the 
other answers of 16.3

The reason for doing this is I want to stop using the Cisco router as a firewall.

Robert L. Pumphrey
rlpumphrey at comcast dot net