Create new interface DMZ but problem to access
-
Is your DMZ bridged to WAN?
If not, why are you using public IPs on it? -
Hello,
i'm not sure it's bridged, where can i check that please (sorry, newbie :) )
you speaking about the range 12.0.0.0? I just choice it but i can change it if it's not a good solution. What's the better choice as subnet?
My situation : LAN => Computers and servers ( maximum 50 devices)
DMZ : Maximum 10 devices.Thanks !
-
https://en.m.wikipedia.org/wiki/Private_network
-Rico
-
@Rico Ok i will change the DMZ ip to 10.2.0.1, i'm in the good range now, thanks.
It's why it's why it's not working ?
-
Destination WAN net is wrong, put any there for testing.
-Rico
-
Same for the protocol, atm you only allow TCP traffic.
-Rico
-
@Rico ok i changed the rules and now it's seems ok to the log, the traffic can pass but i cannot surf actually and the ping to 10.2.0.1 not pass but not blocked by the firewall as you can see
Have i to create a route or something else?
The actual rule :
Thanks !
-
Show the DMZ IP configuration (screenshots).
-Rico
-
-
Wrong netmask, change /32 to /24
-Rico
-
@Rico Ho nice it's ok now ! Cause the mask 255.255.255.255 the computer can only see itself right?
Do you know why i can't create a DHcp server on the DMZ interface ? I already configure it on the LAN interface but i imagine we can create for each interface, right?
Thanks so much Rico!
-
With the correct netmask you should be able to configure the DHCP server now.
-Rico
-
@Rico You right i just checked now and the DMZ interface appear now, so perfect.
Thanks !
-
As said above, remove the WAN net.
Also : TCP only ??
That means that there will be no DNS (UDP mostly !) requests allowed .....
Make that an "any" or at least TCP/UDP/ICMP. -
Glad you have it working now. :-)
-Rico
-
@Gertjan All works now :) !
Thanks men !
