Allowing web server in dmz to access AS400 in LAN
There is a network protected by shorewall firewall. Now they want to add a dmz (to place the web server) and the web server should be able to access the AS400 server in side LAN for authentication and accessing other data.
The web server's default gateway is set to shorewall's dmz interface but the AS400's default gateway is set to another router (which cannot be changed) and to complicate the things these people do not allow to add a static route for AS400 host.
My problem is how can I make the communication between web server and AS400 work. I have the list of ports listened by AS400 server.
Please provide example firewall rules if possible.
Thanks in advance.