News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: block OPT1 (DMZ) from accessing LAN
Pages: [1]
Topic: block OPT1 (DMZ) from accessing LAN  (Read 2205 times)
« on: December 26, 2008, 09:54:07 »
mikeda411 *
Posts: 1
Hi Everyone,

Is there any way that i can block anything from my opt1 network 172.16.1.0/24 from being able to access the internal LAN network 10.1.1.0/24.

I have tried creating block rules base on the opt1 and lan interface. After creating different types of rules for about 3hours i really don't understand what i need to do. From my opt1 (DMZ) client i can still ping the LAN interface. Please share your wisdom with me.
« Reply #1 on: December 28, 2008, 20:54:54 »
Uluen **
Posts: 59
I thought the default behavior was to block traffic, strange.
« Reply #2 on: December 28, 2008, 22:42:18 »
Fred Grayson *****
Posts: 994
Read up on properly setting up a DMZ in the m0n0wall Handbook.

http://doc.m0n0.ch/handbook-single/

See section 13.
--
Google is your friend and Bob's your uncle.
« Reply #3 on: January 05, 2009, 10:10:28 »
markb ****
Posts: 331
A simple rule on the opt interface allow all to not LAN should sort this then a block all at the end of the list.  Remember to get the rules in order as they are processed in order.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines