[ previous ] [ next ] [ threads ]
 
 From:  =?iso-8859-1?Q?J=FCrg_Schneider?= <Juerg dot Schneider at fabrimex dot ch>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  AW: [m0n0wall] newbie DMZ question
 Date:  Wed, 9 Jun 2004 01:05:45 +0200 
> OK - but what is the actual IP that they use as a gateway if 
> the DMZ interface is a /29?

I meant:
If you have a net x.x.x.248/29 for the DMZ, then this is your base 
address. The host range goes from 249 to 254. Take 249 as the IP 
for the Opt1 interface of m0n0wall. 250 for the first server in the
DMZ. The next hop for this server is the interface of m0n0wall. This
is your gateway.  x.x.x.249.

> > I've specified the DMZ server in 'Server NAT' and the /29 DMZ net 
> > in 'Proxy Arp'. Then apropriate rules WAN -> DMZ and some for 
> > DMZ -> WAN. 
> 
> What is the actual IP that you are entering in 'Server NAT' 
> if you DMZ network is a /29?

The IP of the server: x.x.x.250 ('Server NAT' in m0n0wall takes only 
a single IP I think, but haven't try). And for the 'Proxy Arp' (takes 
also a subnet) I took the hole subnet, the base address x.x.x.248/29. 
This will work also for additional servers. If you want this only for 
one server, take the IP from this server.

Jürg