On Mon, 12 Nov 2001, Nadeem Hasan wrote:
Hi,
I am not trying to masquerade the DMZ. My problem is that I cannot connect from DMZ to internet. All the connections are denied by the firewall. I need to run mail relay and bind on the DMZ machine. I cannot do that till I am able to connect to internet from DMZ.
I am sure lots of people here are running this kind of setup. But its not covered by the scenarios in EXAMPLES file.
Hope to get some help.
-----Original Message----- From: Arjen Runsink [mailto:arjen@technologist.com] Sent: Monday, November 12, 2001 3:34 AM To: Nadeem Hasan Cc: 'suse-security@suse.com' Subject: Re: [suse-security] susefirewall2 setup: Running postfix in the DMZ
Hello Nadeem Hasan,
Nadeem Hasan wrote:
I want to run postfix as mail relay and squid as a proxy on the DMZ. I am using SuSEfirewall2 v1.9 on the "firewall" box. I have masquerading already working. I have setup the FW_FORWARD to forward port 80 and 25
Well You did properly subnet so the server in the DMZ is routable, so you should not need to masquerade the DMZ! And neither portforwarding. That is only necessary if you use a private/non-routable address range.
BB, Arjen
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
have made sure that the DMZ is catered for in the firewall? Kenneth