I try to configure a monowall and need to keep my public IP addresses as
ISP range: x.x.x.x.168/29
ISP gateway: x.x.x.174/29
Machines in DMZ have a public IP address;
www1 & FTP x.x.x.169
www2 & FTP x.x.x.170
www3 & FTP x.x.x.171
192.168.12.1 NAT x.x.x.173 Mailserver/fileserver
Put a 1:1 NAT for the mailserver works fine.
I don't have access on the DMZ machines form the LAN nor WAN.
I do allow:
WAN: *.DMZ net *.*
DMZ: *.* DMZ net.*
I've tried several configuration on the monowall but get only the LAN
workstations accessible to the internet, but not my own www servers in DMZ.
Do I need to bridge DMZ with the WAN and 'enable filtering bridge' and
enable advanced outbound nat?
Looking to the archives I see a lot of references to 'proxy arp'.
What's the right procedure, step by step, to get this setup running? I'm