Many DMZ

Discussion in 'DD-WRT Firmware' started by xpanmanx, Apr 3, 2007.

  1. xpanmanx

    xpanmanx Network Guru Member


    I'm running SP2 micro as a front firewall. The back firewall is ISA 2006. I'm bridging SSL through the ISA to a private host.

    I need to add a second web listener on the ISA to build a bridge to another host. So I'll need to route two public IPs to separate hosts in the DMZ. Is SP2 micro capable of this?

    Thanks --
  2. xpanmanx

    xpanmanx Network Guru Member


    Restated: I want to add a 2nd public IP and route that traffic to a 2nd DMZ host. The IP and the route have to be durable.

    Can this be done through the GUI?

    If it's a CLI kind of thing, well, a Unix acquaintance mumbled something to me about IP aliasing, IPtables and rc.local, but then he left for the weekend. I'm pretty novice with Unix so I could use the help, if someone can spare the time.

    Best regards,

    Tim ==
  3. xpanmanx

    xpanmanx Network Guru Member


    The answer to my little riddle lay in several posts on the DD-WRT forum. Here's what I ended up doing.......

    ifconfig vlan1:1 aaa.bbb.ccc.ddd netmask broadcast
    (where aaa.bbb.ccc.ddd is the desired public address)

    /usr/sbin/iptables -I FORWARD -d -j ACCEPT
    /usr/sbin/iptables -t nat -I PREROUTING 1 -p all -d aaa.bbb.ccc.ddd -j DNAT --to
    /usr/sbin/iptables -t nat -I POSTROUTING 1 -p all -s -j SNAT --to aaa.bbb.ccc.ddd
    (where is the desired private address)

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice