|
||||||||
Hi Christian, On Sat, 2004-05-15 at 20:04, Christian Hjalmarsson wrote: > How to forward for ex. port 113 to both a computer at the DMZ network and to > a computer on the LAN > Now it works just to a computer at LAN network, and I need to enable it on > the DMZ too > > How do I do that ?? You cannot do this. This is not a m0n0wall limitation, but it is a function of the TCP protocol that is impossible to achieve. > I got an rule that forward to the lan computer end a NAT that tells it to go > to the specific computer on LAN... That is right - a single port can only be forwarded to a single place. If your ISP has allocated you multiple external (WAN) IPs, then it is easy - just assign all IPs to the WAN interface, and use m0n0wall to NAT a different IP:Port pair to a different internal address (LAN or DMZ). Basically, in TCP/IP, an IP Address:Port pair can only ever exist at one place - kind of like a street address - "1 Monowall Way, Redmond" can only result in the mailman delivering the mail to one place, not multiple places. > Hope you understand my problem Yes, I understand your problem. I hope you understand the reason you cannot achieve this without having additional IP addresses from your ISP. -- Regards, Hilton Travis Phone: +61-(0)7-3343-3889 Manager, Quark AudioVisual Phone: +61-(0)419-792-394 Quark Computers http://www.QuarkAV.com/ (Brisbane, Australia) http://www.QuarkAV.net/ Open Source Projects: http://www.ares-desktop.org/ http://www.mamboband.org/ Non Linear Video Editing Solutions & Digital Audio Workstations Network Administration, SmoothWall Firewalls, NOD32 AntiVirus Conference and Seminar AudioVisual Production and Recording War doesn't determine who is right. War determines who is left. |