Alex Threlfall said:
> Hi All,
> Our ADSL came with an /27 of public IP space (requested through Ripe
> as we're a large office building and we'll be selling our ADSL onto the
> other occupants).
It sounds like you might need more IP addresses than that.
I'm no expert, but /27 means that there are 5 bits left over.
I think you need 2 bits per segment - which gets you one address.
So, the other 3 bits will select *your* customer.
That's just 8 customers.
Of course, your ISP could set you up with other IP ranges
that are routed through your network. But that's more complex.
Unless you are selling non-routable access.
In which case, ignore the above math.
> Therefore it seems like the right thing to do would be setup the WAN
> and DMZ to be bridged,
I don't think you need to bridge the WAN and DMZ - you
may need to segment it, and route between them.
However, someone else may be able to comment on bridging
WAN and DMZ.
> Now in order to test this I'll put up an spare machine by merely
> plugging the m0n0wall box into the public vlan and the machine I'll be
> testing into the dmz port on the firewall. Will that interfere with the
> current machines on the public VLAN, or will the m0n0wall only forward
> packets that it recieves that it knows about behind the DMZ?
You can't have m0n0wall on the same segment as your
existing machines using the same IP address.
You could use one or more of the other IP's that you have been
> Also, I've got an quad port nic in the machine with one onboard
> (fxp0 intel) which has been recognised fine btw (D-Link DFE-570TX, detects
> as dc0-dc3 btw). How can I configure the optional Interfaces I'm not using
> as additional LAN interfaces for other companies in the building?
To allow configuring more interfaces, look for the Assign link
on the menu on the left. Allows you to assign/reassign interfaces.
> I've also found an supplier for 16Mb DiskOnChip devices which are about
> 3cm high and plug directly into the IDE on a board,
That sounds good...you probably need to use the generic PC image
> Oh and one last thing I just thought of as I wrote that last
> sentence, I don't see any option to download the config
This capability is there.
Good luck. Feel free to see the docs on http://www.m0n0.ch/wall
and to post additional questions.