[ previous ] [ next ] [ threads ]
 From:  John <strgout at unixjunkie dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Design help
 Date:  Fri, 7 Jan 2005 15:09:35 -0600
On Fri, Jan 07, 2005 at 12:44:22PM -0800, K.C. Callis wrote:
> I am designing a firewall to support 3 (and possibly 4) interfaces in my 
> firewall. The first interface would be for external internet connections, 
> the second for internal LAN, and the last is for a connection to multiple 
> Access Points. This is for support of a WISP, and I have been using 
> Smoothwall, thinking about migrating to IPCop, although I am please with 
> how *BSD works, especially with IPFW and dealing with good lock down.
> My question is, can I take mutiple AP, connect the to a switch, run the 
> switch into the 3rd interface, and have the AP interface act as a seperate 
> network segment. IPCop 1.4 does a seperate interface for wireless, but 
> unfortunately it doesn't support multiple APs. My wireless interface needs 
> to handle class B addressing, and I must be able to handle multiple AP 
> coming through the single interface. Furthermore, I need to maintain the 
> web interface accessibility (although I guess I could just script things 
> and see if I could  make it work.).

Will each AP segment have its own ip segment also? Will one AP segment need
to be able to communicate with other AP segments?

Just off the top of my head i was thinking about creating vlan intface on the
m0n0wall for each vlan you want. Then each AP would have its own vlan and ip
segment. The only problem i would see is if you needed to have one AP segment
talk to some other AP segment. I'm not real sure what IPF would think about
this. I also have not tested this kind of config, just throwing some ideas out