This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NAT from LAN to DMZ???? HELP!

Hi folks,

i got a problem with this:

1st Firewall Version 3.040
eth0 xxx.xxx.xxx.218 (extIface)
eth1 192.168.1.1 (toDMZ)

2nd Firewall Version 3.040
eth0 192.168.100.251 (LAN=internal)
eth1 192.168.1.2 (toDMZ)

I want to configure the 1st FW in the DMZ from the LAN. I must do NAT from 192.168.100.195 to 192.168.1.1!???! Is this right?
PING over icmp runs in all parts.

What should i do? My configures doesnt work...

  1  Any Any Any Log Drop  edit del move
  2  LAN Any Any Allow  edit del move
  3  Any Telnet Any Log Drop  edit del move
  4  192.168.100.195 HTTPS 192.168.1.1 Allow edit del move

test   LAN -> DMZ / Any   192.168.100.195   192.168.1.1 / HTTPS   edit | delete

Thx for examples...
kind regards...AKo

This thread was automatically locked due to age.

0 ClausP over 23 years ago

crazy design ! ;-)

>4 192.168.100.195 HTTPS 192.168.1.1 Allow edit del move

This role would only allow the ip 192.168.100.195 access via https to 192.168.1.1

NATing would be done before paket filtering.

The rule must incl. the DNATed IP Adress. for ex.

4 ANY HTTPS 192.168.1.1 Allow edit del move

claus
Cancel
Vote Up 0 Vote Down

Cancel
0 Chris_W over 23 years ago in reply to ClausP

hi,
is this right - your trying to get all your internet traffic through the DMZ with an extra ip-range?

i think they designed ASL to work on 1 PC with 3 Network-Cards, so it's little less ip-changing.

What is advantage of 2 separated firewalls?

chris_w
Cancel
Vote Up 0 Vote Down

Cancel