I have two public addresses on my WAN interface
Outbound traffic from LAN and DMZ currently goes out / masquerades on address 1
I have port forwarding rules that send WAN traffic arriving on address 2 to a host on my DMZ zone
I would like all hosts on DMZ zone to use address 2 for their outbound traffic / masq.
Let me know if I should show my config in more detail. But I am looking for generic device about how you would set up one zone to use one public IP, and another zone use a different public IP.
This works for one host. Should I just expand source address to cover my entire DMZ network address range? Or is there a better way?
You need to do Policy Based Routing and you have 3 options:
- a set of rules/routes for each internet connection.
From firewall perspective, you can have both interfaces to the same wan zone or different wan/wanb zones. Either way masquerade should be enabled on both.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.