Steve Young wrote:
> I am trying to determine if I can configure M0n0Wall to masquerade
> inbound packets to the LAN IP address. In my particular case, the reason
> is that the M0n0wall is NOT the default gateway for the internal server
> I created the inbound NAT rule for.
>
>
> I have tried a couple of 'obvious' tricks by manually editing the XML
> configuration file to no avail:
>
> - adding a <target>192.168.168.2<target/> to the inbound NAT rule
> - creating an advanced outbound rule substituting: "lan" for the
> interface field and the proper IP address for target as well as source
> and destination.
>
>
> I haven't had much luck Googling this particular topic, but I truly
> don't consider this an "exotic" configuration.
>
> Since I am in the process of being "dumped" by someone, I'll probably
> have lots of time to hack at this, but I was hoping someone could either
> point me in the right direction or let me know that I'm way off base and
> that what I am trying to do doesn't make sense.
>
> Thanks for your consideration,
>
> Steve
>
>
Steve,
I have a server in my network that is behind a 2nd router on my
network. Our primary/edge firewall is m0n0wall. I simply 1:1 natted
one of our public IPs to the server's internal IP, even though it is not
on the same network as the LAN port of the m0n0wall. That, combined
with the static route in the m0n0wall to the 2nd network allows me
access to that server from the outside world. Be advised that you must
allow that traffic through on the internal (2nd) router also. Since my
internal router is strictly a router, no firewall, that detail was a
non-issue to me. However, if you are using another firewall internally,
you will need to make sure the traffic is allowed there also. HTH
Chris
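
The return-path question behind this thread, as an added example that is not part of either message: a small Python model of which next hop the internal server picks for its reply, and whether that hop is the NAT device holding the translation state. It assumes 192.168.168.2 (the address from the original post) is the m0n0wall LAN IP; the other gateway 192.168.168.1 and the client 203.0.113.7 are constructed values.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match over (network, gateway) pairs.
    Returns 'on-link', a gateway IP string, or None if no route matches."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(net), gw) for net, gw in routes
               if dst in ipaddress.ip_network(net)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_reaches_nat(server_routes, seen_src, nat_lan_ip):
    """True if the server's reply to the source address it saw is handed
    back to the NAT device, which is the only box able to reverse the NAT."""
    hop = next_hop(server_routes, seen_src)
    if hop == "on-link":
        # Delivered directly to seen_src; only useful if that *is* the NAT box.
        return seen_src == nat_lan_ip
    return hop == nat_lan_ip

NAT_LAN_IP = "192.168.168.2"   # assumed: m0n0wall LAN address (from the post)
OTHER_GW = "192.168.168.1"     # constructed: the server's real default gateway
CLIENT = "203.0.113.7"         # constructed: outside client (documentation range)

# Server whose default gateway is NOT the NAT device (the original question).
ROUTES_OTHER_GW = [("192.168.168.0/24", "on-link"), ("0.0.0.0/0", OTHER_GW)]
# Server whose default route leads back to the NAT device.
ROUTES_VIA_NAT = [("192.168.168.0/24", "on-link"), ("0.0.0.0/0", NAT_LAN_IP)]

def check_cases():
    return {
        # Inbound NAT only: server sees the real client address and replies
        # through the other gateway, bypassing the translation state.
        "dnat_only": reply_reaches_nat(ROUTES_OTHER_GW, CLIENT, NAT_LAN_IP),
        # Inbound NAT plus masquerade to the LAN IP: server sees the NAT
        # device as the source and replies on-link to it.
        "dnat_plus_masquerade": reply_reaches_nat(ROUTES_OTHER_GW, NAT_LAN_IP, NAT_LAN_IP),
        # No masquerade, but the return path leads back to the NAT device.
        "return_path_via_nat": reply_reaches_nat(ROUTES_VIA_NAT, CLIENT, NAT_LAN_IP),
    }

if __name__ == "__main__":
    for case, ok in check_cases().items():
        print(f"{case}: {'reply returns through NAT' if ok else 'reply bypasses NAT'}")
```

With masquerading in place, the server's logs and any address-based access controls on it see the firewall's LAN address instead of the real client address.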