Date: Sat, 1 Oct 2011 13:02:43 -0700 From: Freddie Cash <fjwcash@gmail.com> To: Marek Salwerowicz <marek_sal@wp.pl> Cc: freebsd-net@freebsd.org Subject: Re: ipfw - accessing DMZ from LAN Message-ID: <CAOjFWZ7LV3z=22mPLXw-T0W6dJCfVVZ9Q%2Bd%2BKxg1VFdM51eLww@mail.gmail.com> In-Reply-To: <4E876705.3040806@wp.pl> References: <4E412116.1070305@wp.pl> <CAOjFWZ4B3uUfOLAzL=B1WY98rqi6X32j7FM61VjJ3td76NkADg@mail.gmail.com> <4E422A74.3090601@wp.pl> <CAOjFWZ5CK62nQMA8JsfW1b4BQh3hAJbAAynortzaUBqSWBwdSQ@mail.gmail.com> <4E7B450F.5050802@wp.pl> <CAOjFWZ6wf9NnVeffUV4uA6h1t-1T8juxXycZbM7%2BGgpFC-HkUg@mail.gmail.com> <4E84B447.7010509@wp.pl> <CAOjFWZ4XOU2dT3%2BL6AJeUNO7QcC=0ymLXN3GMkzCuoB3a1Qyew@mail.gmail.com> <4E84DE26.6030103@misal.pl> <4E85D8CB.6010104@wp.pl> <CAOjFWZ6xZ5bDcm6aAVvwz47rmYLEqSyKO5Bzg3aQPHS-o98w_w@mail.gmail.com> <4E876705.3040806@wp.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Oct 1, 2011 12:16 PM, "Marek Salwerowicz" <marek_sal@wp.pl> wrote: > > W dniu 2011-09-30 17:44, Freddie Cash pisze: > >> >> that's the correct behaviour, as the public IPs are physically assigned to >> the interfaces on the router. Thus, connecting to the public IPs from the >> router ... will connect to the router. >> >> You need to ping the private IPs from the router, since the router is >> directly connected to the private networks. >> > And how about pinging from other DMZ host to DMZ host (both are in the same subnet) ? > Am I able to allow them to contact using public IPs? No. They would have to connect using private IPs. However, you could setup split-DNS or views and just configure everything to connect using hostnames. It's extra work to setup, but does make things easier down-the-road. Freddie fjwcash@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOjFWZ7LV3z=22mPLXw-T0W6dJCfVVZ9Q%2Bd%2BKxg1VFdM51eLww>