I've just setup my Smoothwall firewall with trusted, untrusted and DMZ interfaces and I can't get my webserver (Linux/Apache) working in the DMZ.

From trusted to untrusted - all is OK am browsing etc all OK

From untrusted to DMZ - I can ping OK - so all connectivity is working.

I have enabled port forwarding so that incoming TCP requests from any to port 80 are redirected to the host in my DMZ and on port 80

I have also enable an external access rule that allows TCP requests in on the untrusted interface.

In the trusted subnet, I can get to the default web site on my DMZ webserver if I use the IP address of the actual NIC on the webserver - But I can't access the virtual web sites or public address via http:80

My webserver used to be my NAT box so it used to have a private and public addresses (on two different NICs) - but now I have the firewall and DMZ, I am only using on NIC in the webserver and I have assigned it a private address. My virtual (name based) web sites were working OK - but since the change not working -

I think I have two problems:

1) Port fowarding doesn't seem to work on the smoothwall (how can this be tested ??)
2) Not sure whether to use private or public addresses in the httpd config for the virtual web sites - my thinking is they should be public

any help is appreciated

/edit - I just got a friend to check my web sites and he can get to them (needed private addressing in the virtual site setup in httpd.conf)

So my problem now is that I can access my own web sites on my DMZ