General Questions

Hi all,

I have setup a DMZ first time and the webservices (http, dns,mail)  are working from outside and inside the lan.  As I am running my DNS from the dmz host, this dns is used for resolving the services from the LAN side. I have a firewall rule in place to allow traffic from LAN to DMZ.

My setup:
monowall (1.3b14)  3 nics
LAN ips: 192.168.100.*
monowall 192.168.100.50
OPT1 nic 192.168.200.1

DMZ host ip config:
ip 192.168.200.10
gateway 192.168.200.1


My problem:
DMZ host is running webserver on 192.168.200.10
opening a browser address to ip of DMZ host 192.168.200.10 will result in connecting to monowall webgui which is set to 192.168.100.50 as above desribed.

Why am I not able to connect to my webserver's address ?
Or the other way around: Why am I connected to monowall's webgui ?

Do I expect something which is not possible or where do I mess up the settings ?

Any hints and help very appreciated
Johannes



 

Monowalls webgui will be accessible on the opt and lan interface ip addresses, I.e. 192.168.200.1

There is no reason that .10 would bring up the webgui unless there is a typo somewhere or you have something odd with NAT or the .10 host is serving up the webgui as a proxy ?

thank you for your quick answer. Meanwhile I could get it working, so that the dmz host would bring up the NAT-services.

The dns-ip for the dmz client (interface properties) was set to the ip of the DNS server running on the dmz client.
Even so the NAT-services running on this very one dmz client were set correctly in the dns software, it was still failing. Calling one of the NAT-services (website) from the dmz client resulted in presenting the monowall-gui .

Setting the dns-ip to the OPT1-ip (interface properties), enabling the monowall forwarder, setting the ISP's DNS server (!!) in "General setup > DNS " and placing the NAT-services ip in monowall did the trick.
This will NOT work when the dns server running in the dmz is set in "General setup > DNS " .

Johannes