I searched the mailing list and saw that it's possible to turn off the
NAT-Feature of MonoWall so that I can use public IPs on the LAN/DMZ
interface (with Smoothwall or IPCop I can't do this) and now I just try
to figure out how to configure everything correctly (I'm a network noob :)).
My net/configuration for MonoWall looks like this:
Netmask: 255.255.255.128 or /25
Range: xxx.xxx.240.1 to xxx.xxx.240.126
Netmask: 255.255.255.252 or /30
I thought to cut some IPs from the LAN-Net for the DMZ for example the
range from xxx.xxx.240.113 to xxx.xxx.240.126 (Net xxx.xxx.240.112,
Netmask 255.255.255.240 or /28) but I don't know if this really works
because the LAN has still the range from 1 to 126 through the /25 mask
and when I use a /26 mask the range is to small, is there another
solution or is it not a problem at all?
For the "rest" I just have to turn on "Enable advanced outbound NAT" so
that MonoWall uses no NAT, right? And then I can add rules to Block/Pass
traffic for LAN/DMZ/WAN?
Is this in short the way I can configure MonoWall for public IPs on
LAN/DMZ or is there something I missed? I'm open for any suggestions
especially for the DMZ part .