Thanks for your thorough breakdown. It cleared up a few things for me.
In the meantime I got traffic flowing from my NATless DMZ to my NAT'ed internal by adding one simple rule to the packet filter. Great stuff.
For those interested, this is the rule:
* Pass
* Source address: DMZ network (e.g. 172.16.0.0/24)
* Destination address: internal network (e.g. 10.11.12.1/24)
I now can start fine-tuning this, because obviously I don't want all of my DMZ to see all of my internal network.
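The fine-tuning step the post ends on is where the security value lies: a single pass rule from the whole DMZ network to the whole internal network means one compromised DMZ host can reach every internal service. The following is an added example, not code from the post or from any firewall product: a small first-match rule evaluator that puts the post's broad rule beside a narrowed rule set and shows which constructed flows each one lets through. The rule model, the individual hosts (172.16.0.10, 10.11.12.20, 10.11.12.53 and so on) and the ports are assumptions made for illustration; the two networks are the ones the post uses. Note that the post's "10.11.12.1/24" has host bits set, which `ipaddress.ip_network` rejects unless `strict=False` is passed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    """Simplified packet-filter rule (a model for illustration, not any vendor's syntax)."""
    action: str                  # "pass" or "block"
    src: str                     # source network in CIDR notation
    dst: str                     # destination network in CIDR notation
    proto: str = "any"           # "tcp", "udp", "icmp" or "any"
    dport: Optional[int] = None  # destination port; None matches any port

    def matches(self, pkt: dict) -> bool:
        # strict=False accepts the post's "10.11.12.1/24" (host bits set)
        # and treats it as the 10.11.12.0/24 network.
        src_net = ipaddress.ip_network(self.src, strict=False)
        dst_net = ipaddress.ip_network(self.dst, strict=False)
        if ipaddress.ip_address(pkt["src"]) not in src_net:
            return False
        if ipaddress.ip_address(pkt["dst"]) not in dst_net:
            return False
        if self.proto != "any" and pkt["proto"] != self.proto:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True


def evaluate(rules, pkt, default="block"):
    """First matching rule wins; a flow no rule matches falls to the default deny."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# The post's rule: the whole DMZ may reach the whole internal network.
BROAD_RULES = [Rule("pass", "172.16.0.0/24", "10.11.12.1/24")]

# A narrowed version (assumed hosts and ports): only the DMZ web server may
# reach the internal database, and DMZ hosts may query the internal DNS server.
NARROW_RULES = [
    Rule("pass", "172.16.0.10/32", "10.11.12.20/32", "tcp", 5432),
    Rule("pass", "172.16.0.0/24", "10.11.12.53/32", "udp", 53),
]

# Constructed sample flows to evaluate against both rule sets.
FLOWS = {
    "web_to_db":         {"src": "172.16.0.10", "dst": "10.11.12.20", "proto": "tcp", "dport": 5432},
    "web_to_fileserver": {"src": "172.16.0.10", "dst": "10.11.12.50", "proto": "tcp", "dport": 445},
    "other_dmz_to_db":   {"src": "172.16.0.77", "dst": "10.11.12.20", "proto": "tcp", "dport": 5432},
    "dmz_dns_lookup":    {"src": "172.16.0.77", "dst": "10.11.12.53", "proto": "udp", "dport": 53},
    "outside_to_db":     {"src": "192.168.1.5",  "dst": "10.11.12.20", "proto": "tcp", "dport": 5432},
}


def audit(rules):
    """Return the verdict for every sample flow under the given rule set."""
    return {name: evaluate(rules, pkt) for name, pkt in FLOWS.items()}


if __name__ == "__main__":
    for label, rules in (("broad", BROAD_RULES), ("narrowed", NARROW_RULES)):
        print(f"{label}:")
        for name, verdict in audit(rules).items():
            print(f"  {name:20s} {verdict}")
```

Under the broad rule every DMZ-sourced flow to the internal network passes, including the web server reaching an internal file share; under the narrowed set only the two intended services pass and everything else hits the default deny. The model ignores state tracking (a real stateful filter passes reply packets for an established flow automatically), so only the initiating direction is evaluated here.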