Enable DMZ for Public IP
Setting up a DMZ for a public IP address will point all traffic directed to the public IP address to the private IP address. Also all traffic from the private IP address will be redirected to be sent from the public IP. To enable DMZ for an IP address you first need to SSH to the WiDirect and run these commands:
su - emacs /etc/sysconfig/iptables
Towards the bottom of that file you will see lines that look like this:
*nat :OUTPUT ACCEPT [401:23400] :POSTROUTING ACCEPT [375:21730] :PREROUTING ACCEPT [144:12599] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT
You will want to add two additional lines before the COMMIT line. The following example redirects all traffic to 18.104.22.168 to 172.16.1.10:
*nat :OUTPUT ACCEPT [401:23400] :POSTROUTING ACCEPT [375:21730] :PREROUTING ACCEPT [144:12599] -A POSTROUTING -o eth0 -j MASQUERADE -A PREROUTING -d 22.214.171.124 -i eth0 -j DNAT --to-destination 172.16.1.10 -A POSTROUTING -s 172.16.1.10 -o eth0 -j SNAT --to-source 126.96.36.199 COMMIT
To save and exit that file press Control-X followed by Control-C. Restart the firewall by running these commands:
service iptables restart service awicp_client restart
You will also need to add a subinterface with the desired IP on eth0. On the Network & Routing page click the button to add the subinterface. Enter the desired IP and subnet mask to create it.
It may also be a good idea to add the user to the trusted user list in the firewall configuration. That way the user will not be disconnected by the firewall.