Topic: m0n0wall in a cluster environment  (Read 2547 times)
« on: September 06, 2010, 11:02:26 »
Andrew *
Posts: 7

Hi Guys, I'm trying to set up the following:

2x servers (1 x web server, 1x SQL server),

M0n0wall config:

1x Port for Network

1x Port for Web server

1x Port for SQL server.

The LAN needs to be able to see both servers and connect to it on its 192.168.10/24 network

The Webserver needs to be able to connect to the SQL server.

-----------------------------------

I thought the best way is to NAT 2x LAN IPs into the m0n0wall (for both servers), and then set up firewall rules to allow traffic to pass between both and then between each / LAN network.

Is this the correct way to do it, or is there an easier way?
« Reply #1 on: September 06, 2010, 14:27:10 »
gadago *
Posts: 7

Please be more specific on what you're trying to do here. Are you trying to set up a DMZ for the webserver and SQL server?
« Reply #2 on: September 06, 2010, 15:17:35 »
Andrew *
Posts: 7

Hi,

Ok...

So the webserver has 2x Network cards:

1) Public IP address (firewalled by a Juniper firewall)
2) Internal IP address (LAN on M0n0wall),

The SQL server has 1x Network card:

1) Internal IP address (OPT1 on M0n0wall)

The office network is on a 192.168.10/24 IP range and is on the (WAN port on the m0n0wall).

I want to restrict access between the office network and the Web server,
The office network and the SQL server
The SQL server and the web server

So basically everything is 'controlled' but can talk to one another on allowed ports.

Hope this helps
« Reply #3 on: September 06, 2010, 18:16:30 »
Andrew *
Posts: 7

Ok, as a mini update, I've managed to get both boxes to talk to the admin network.

I did this via 1:1 NAT,

However, they don't seem to be able to see each other (no response on ping, etc.).

Firewall rules 100% allow them to talk to each other.

Web server's internal IP is 192.168.1.2 on LAN interface (with 192.168.1.1 being the m0n0wall)

SQL server's internal IP is 192.168.2.2 on OPT1 interface (with 192.168.2.1 being the m0n0wall)

Do I need to set up some sort of tunnel for the LAN and OPT1 interfaces to be able to see each other or should this work?
 