Firewall/NAT

Here's my network diagram:  my problem is that client1 cannot see server1.

(http://rmtechteam.com/images/ebay/opt1.jpg)

I've added a 3rd NIC to the monowall and assigned it 192.168.35.205
I've created a firewall rule on OPT1 *|*|*|*|*

I can ping 192.168.35.2 from the diagnostics>Ping/Traceroute utility if i use the OPT1 interface, but I can't ping 192.168.35.2 from client1

I can ping 192.168.35.205 from client1, but nothing else on the 35.X network.

What am I missing?

I think i've got it figured out using an outbound NAT. 

All traffic to .35.x goes through the OPT1 interface, rest goes through the WAN interface.

If that doesn't work in production tomorrow, i'll report back.  otherwise assume that's the fix

I've created a firewall rule on OPT1 *|*|*|*|*

This will only allow traffic from the OPT1 network to the LAN not the other way round, which is exactly what you were finding

I can ping 192.168.35.2 from the diagnostics>Ping/Traceroute utility if i use the OPT1 interface, but I can't ping 192.168.35.2 from client1

I can ping 192.168.35.205 from client1, but nothing else on the 35.X network.

The rules act on the interface where the traffic comes in on, so you need a rule on both interfaces allowing traffic to the other network.

This howto below might help solve prob! It helped me when i had a same problem.

http://doc.m0n0.ch/handbook/examples.html

-Havokki-

I've got the same issues and no dice... I've tried routing tables and still no luck. Why do I want access to the DMZ? Access baby... Access.

DannyWiki

for me the fix was to setup an outbound NAT.