|
||||||||
Hi, I am replacing a 3com firewall and need to keep the IP addressing as is. Nat/Firewall is working fine for the LAN. I cannot configure the DMZ. Machines on the DMZ cannot ping the Wan or the Gateway. ISP issued block: x.x.x.240/28 WAN x.x.x.251/28 ISP designated gateway for this block: x.x.x.241 Machines in the DMZ have public IPs within this x.x.x.240/28 block. For example, our web server is x.x.x.252 with a gateway of x.x.x.251, and an ftp server is x.x.x.246. The 3com allows for 2 DMZ ranges of x.x.x.242-250 and 252-254. m0n0wall appears to allow only a single DMZ net. For the moment I am allowing all traffic to and from the DMZ: Wan interface -- Proto: * Source: DMZ Net Port: * Destination: * Port: * DMZ Interface -- Proto: * Source: * Port: * Destination: DMZ net Port: * Please know that I have searched the archives, but I'm still stumped. Thanks for your time. Cheers, Jeanne |