Topic: Setting up DMZ

[matt001]

Hi Guys

I have got a static IP for my internet connection, and looking at getting another 4 more static ip addresses, now how do I setup SME Server 6.0.1 with DMZ, So I can have the new ips in DMZ say for example

202.1.2.0 (Public Static IP) forwards to 192.168.0.5 (Internal Network)

How do I do this.

[idp_qbn]

Hello...I think you want to put too many eggs in the one basket.

My preferred method is to use a dedicated firewall, not SME.
I recommend Smoothwall or IPCop, both of which are excellent firewall systems (small, free, work on minimal systems) which provide DMZ facility easily.

I use a P400 with 128Mb RAM and 8Gb HDD which handles 10 users really well.

Both have VPN ability, but IPCop especially can have OpenVPN (www.openvpn.net) to give you external access....and there are contribs here on how to do it with SME which are probably transposable to IPCop. I guess Smoothwall can use OpenVPN too, but is more tightly controlled about updates (which might knock out the OpenVPN).

Cheers

[matt001]

For the moment, I want to be able to use sme server for both, as I don't have a spare old pc at the moment.

And I really don't want to go and install another distro when I am happy with what SME does except, I need the setup DMZ with sme Server.

Is their a contrib that can do this for me.

[MSmith]

Actually there isn't an easy way to do this, as your search has no doubt revealed.  SME is not designed for exposing an internal host or hosts to the Internet and has no provisions for adding that functionality.
Your best bet is to do as idp_qbn suggests and go with a firewall distro that is designed to support what you want.  You can most likely go to a thrift shop and get a PC that will run Smoothwall or IPCop for $20 USD.