Firewall/NAT

[46]

Hi,
I found m0n0wall to be just the sollution, I need, but after 2 days of reading help and forums, I cannot configure it to work properly.

Actually, I followed this guidelines http://doc.m0n0.ch/handbook/faq-ipalias.html and some forum posts and it looked simple:

my ISP assigned to me a GATEWAY IP subnet x.x.70.44/30, .45 at their side and .46 at my side,
and a range of public IP's, x.x.80.16/28.

So, I did it in m0n0:
- assigned x.x.70.46/30 IP to WAN interface with Gateway x.x.70.45
- assigned x.x.80.17/28 to DMZ interface with gateway x.x.70.46
- turned ON advanced otbound NAT
- and created one Firewall RULE for LAN interface in order to disable NAT for WAN<>DMZ

But it does not work.

Indeed, I can PING outside world from WAN and from DMZ, also DNS resolving works from both interfaces to outside, but I cannot get to my servers in DMZ zone, neither from outer world, neither from WAN interface.

Must I create some ROUTING or RULES or something else?
Any idea appreciated & thanx in advance.

You need firewall rules to permit traffic.

Routing between internal subnets is assumed, and the default LAN rule will allow your LAN subnet to access the DMZ subnet. Disabling NAT is required to keep the DMZ hosts from getting NAT'ed to the WAN IP. You'll need to create an advanced outbound NAT rule to get to the Internet from the LAN.

Can you show your firewall rules for all interfaces and your outbound NAT rules?