|
||||||||
You setup should follow this look: -------wan interface------------- | | | | Lan DMZ | |-------|-------| | | | | 10.1.1.X 192.168.0.1:25 | 192.168.0.2:80 192.168.0.3:21 And your ruleset for NAT on the Wan Interface should look like this: WAN interface Proto Source Port Destination Port Description TCP * * 192.168.10.60 21(FTP) NAT FTP to Cerveza TCP * * 192.168.10.60 22(SSH) NAT SSH to Cerveza TCP * * 192.168.10.40 80(HTTP) NAT HTTP to Guiness TCP * * 192.168.10.40 443(HTTPS) NAT HTTPS to Guiness In a nutshell your are mapping services by port to one external IP. --------- Mensagem Original -------- From: gmourani at privalodc dot com To: m0n0wall at lists dot m0n0 dot ch <m0n0wall at lists dot m0n0 dot ch> Subject: [m0n0wall] WAN+LAN+DMZ Date: 03/05/04 02:41 > > Hello, > > I'm trying to use mOnOwall 1.0 for the following setting: > > -- ROUTER (65.39.158.81) <--> WAN (65.39.158.88) <--> DMZ (192.168.0.1) > | > LAN (10.1.1.24) > > There are some mail, web, ftp, dns, etc servers under the DMZ zone that > should be accessible via the Internet under public IP addr like > 65.39.158.83, etc. > > The problem here is that all servers under the DMZ have private IP addr > set to 192.168.0.x (for the 3 NICs to work with mOnOwall) and now I don't > know how to make these private IP addr (192.168.0.x) accessible over the > Internet under public IP addr like 65.39.158.x which was used before > installing mOnOwall. > > Thanks, > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > > > > > > |