[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Routing private networks



On Thu, Mar 20, 2003 at 11:02:03AM -0800, Bryan Irvine wrote:
> no nat on $WAN from $LAN to $DMZ
> no nat on $WAN from $DMZ to $LAN
> nat on $WAN inet from $LAN to any -> ($WAN)
> nat on $WAN inet from $DMZ to any -> ($WAN)
Packets from $LAN to $DMZ and vice versa, never go across $WAN
interface. Hence,
"no nat on $WAN from $LAN to $DMZ" is bogus. It does nothing.
Try, "no nat from $LAN to $DMZ"
// haver