News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: Question on limitation
Pages: [1]
Topic: Question on limitation  (Read 1503 times)
« on: July 02, 2007, 03:16:05 »
wdatkinson *
Posts: 6
I've recently replaced my Astaro firewall with m0n0wall and have a question on one of the limitations.  Prior to Astaro, I ran ipcop for years and various other linux solutions.

The limitation I'm curious about is the inability to access a NAT'd service from the inside LAN.  Specifically outlined by this, "It is not possible to access NATed services using the WAN IP address from within LAN (or an optional network).," on the inbound firewall rule page.

This wasn't a problem until I recently (temporarily) moved a mail server to the opt1 (dmz) network.  The mail server has an web interface.  I have external DNS configured and can access it ok from the outside.  The web interface is only accessible via https, and has the associated ssl cert configured.  While I can access the mail server from inside via the DMZ ip address, the external FQDN doesn't work.  Accessing the unit via IP pops the normal warning that the SSL cert doesn't match.

I'm just curious why this limitation exists and if its something that can be overcome.  Thanks in advance.
« Reply #1 on: July 11, 2007, 04:30:27 »
cmb *****
Posts: 851
http://doc.m0n0.ch/handbook/faq-lannat.html
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines