"
Hi,
I've a configuration with LAN, WAN and DMZ, all pretty standard. The configuration is essentially migrated from an old m0n0wall firewall. Everything seems to work pretty fine (DMZ->WAN, LAN->WAN, WAN->LAN (via NAT), WAN->DMZ (via NAT), except that I cannot access hosts in DMZ from LAN and vice versa. If I do a port probe to a host in DMZ it works if Source is set to 'any' or 'DMZ', but not if it is set to LAN. So it definitely is a routing or firewall issue, not a wiring issue.
Firewall rules are
LAN: all protocols all sources to all destinations
DMZ: allow all protocols to any DMZ address from any LAN address
DMZ: allow traffic to specific hosts/ports in LAN from specific DMZ hosts
It's probably something stupid I forgot, but despite searching this forum and other sources I cannot figure out what I did wrong.
I've a configuration with LAN, WAN and DMZ, all pretty standard. The configuration is essentially migrated from an old m0n0wall firewall. Everything seems to work pretty fine (DMZ->WAN, LAN->WAN, WAN->LAN (via NAT), WAN->DMZ (via NAT), except that I cannot access hosts in DMZ from LAN and vice versa. If I do a port probe to a host in DMZ it works if Source is set to 'any' or 'DMZ', but not if it is set to LAN. So it definitely is a routing or firewall issue, not a wiring issue.
Firewall rules are
LAN: all protocols all sources to all destinations
DMZ: allow all protocols to any DMZ address from any LAN address
DMZ: allow traffic to specific hosts/ports in LAN from specific DMZ hosts
It's probably something stupid I forgot, but despite searching this forum and other sources I cannot figure out what I did wrong.
