Hello,
I am trying to accomplish a network setup which currently looks like:
* internal network
* dmz
* dmz2 (unused currently)
* external network
To allow web traffic etc., I have configured aliases and binat rules on
the external interface (e.g. binat on $ext_if from $www_intern to any ->
$www_extern).
To make the external addresses reachable from the internal network I did
the same for the internal interface.
The problem now is that the dmz addresses which have been binatted are
answering through the router with their external IP address, e.g.:
PING 172.16.100.20 (172.16.100.20): 56 data bytes
64 bytes from 194.109.134.165: icmp_seq=0 ttl=63 time=0.613 ms
I read there are some caveats with binat and this is probably one of
them. Is there a way to solve this issue? Is the network setup (pf-wise)
actually correct?
Thanks in advance,
Bolke