From owner-freebsd-questions@FreeBSD.ORG  Wed Apr 28 18:40:22 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 610EB16A4CE
	for <freebsd-questions@freebsd.org>;
	Wed, 28 Apr 2004 18:40:22 -0700 (PDT)
Received: from invasion.mail.pas.earthlink.net
	(invasion.mail.pas.earthlink.net [207.217.120.254])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2A1E643D48
	for <freebsd-questions@freebsd.org>;
	Wed, 28 Apr 2004 18:40:22 -0700 (PDT)
	(envelope-from algould@datawok.com)
Received: from 20-74.lctv-b4.cablelynx.com ([24.204.20.74]
	helo=yoda.datawok.com)
	by invasion.mail.pas.earthlink.net with asmtp (TLSv1:AES256-SHA:256)
	(Exim 3.36 #4)	id 1BJ0XF-0002fm-00
	for freebsd-questions@freebsd.org; Wed, 28 Apr 2004 18:40:22 -0700
Date: Wed, 28 Apr 2004 20:40:24 -0500
From: "Andrew L. Gould" <algould@datawok.com>
To: freebsd-questions@freebsd.org
Message-Id: <20040428204024.1e5169f2.algould@datawok.com>
In-Reply-To: <200404271107.20325.algould@datawok.com>
References: <200404271107.20325.algould@datawok.com>
Organization: 
X-Mailer: Sylpheed version 0.9.8a-gtk2-20040109 (GTK+ 2.2.4;
	i386-portbld-freebsd4.9)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: ee791d459e3d6817d780f4a490ca69564776905774d2ac4ba9a575289c375d34c03d2a49ef08f93b350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
Subject: SOLVED: Re: firewall and dmz questions
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Apr 2004 01:40:22 -0000

Summary of previous email:  I couldn't reach a web server that was designated as a DMZ (using a Linksys cable modem/router) from the internet.  Access to ssh from internet was successful; so some ports were accessible.  Firewall configuration looked correct.  Access could be achieved by using "open" firewall -- not an acceptable option.

Solution:  Desparately trying any idea, I deactivated the router's DMZ function and used the router's port forwarding features to forward specific ports to the server.  Both the internal and external network can access the web server now.

Does anyone know why port forwarding would work when the DMZ option wouldn't?

Thanks,

Andrew Gould