|
||||||||
Hi, I searched the mailing list and saw that it's possible to turn off the NAT-Feature of MonoWall so that I can use public IPs on the LAN/DMZ interface (with Smoothwall or IPCop I can't do this) and now I just try to figure out how to configure everything correctly (I'm a network noob :)). My net/configuration for MonoWall looks like this: LAN: Net: xxx.xxx.240.0 Netmask: 255.255.255.128 or /25 Range: xxx.xxx.240.1 to xxx.xxx.240.126 LAN-IP xxx.xxx.240.1 WAN: Net: xxx.xxx.233.8 Netmask: 255.255.255.252 or /30 Gateway: xxx.xxx.233.9 WAN-IP: xxx.xxx.233.10 I thought to cut some IPs from the LAN-Net for the DMZ for example the range from xxx.xxx.240.113 to xxx.xxx.240.126 (Net xxx.xxx.240.112, Netmask 255.255.255.240 or /28) but I don't know if this really works because the LAN has still the range from 1 to 126 through the /25 mask and when I use a /26 mask the range is to small, is there another solution or is it not a problem at all? For the "rest" I just have to turn on "Enable advanced outbound NAT" so that MonoWall uses no NAT, right? And then I can add rules to Block/Pass traffic for LAN/DMZ/WAN? Is this in short the way I can configure MonoWall for public IPs on LAN/DMZ or is there something I missed? I'm open for any suggestions especially for the DMZ part . Bye, Jürgen |