Thanks for the info, Kasper.  Just so I get this right, you did not use a 
LAN in m0n0?  But both ports on the 860A are configured as OPT's ( I have 
the 3 port RealTek version)?  I may have to pm you later for more info if 
that's okay.  I can use all the help I can get right now.

Thanks again.

Aaron


----- Original Message ----- 
From: <kasper at kasperkp dot dk>
To: "Aaron Cherman" <acherman at shaw dot ca>; <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, January 24, 2005 11:49 PM
Subject: Re: [m0n0wall] VLAN Tagging Support


>
> ----- Original Message ----- 
>>It does not seem that m0n0 is doing any tagging or responding to tags.
>>I have read through most of the documentation and found that the
>>chipsets in my box (a Lex System CV860A) are not on the supported
>>list.  Is this my problem or am I missing something somewhere in the
>>configuration.
>>Aaron
>
> The CV860A (at least the realtek version) DOES work with a vlan.
>
> The procedure I used:
> Add vlan, host is opt1, id is 101
> add interface, we now have opt2.
> Give opt2 an ip address/range
> add a rule to wan to allow ingoing packets destined for that range
> add a rule to opt2 to allow outgoing traffic
> on the switch - we used a suspiciously poorly documented planet switch - 
> set:
> port 1..23 with vlan id 101..123
> create 23 groups so all 23 ports share a group with port 24 (members are 1 
> untagged ,24 tagged)
> plug opt1 into port 24
>
> After you've worn out the mouse you'll be looking for a faster box to run 
> m0n0 on, since the webgui is a tad slow.
>
> It's a pity m0n0 won't bridge more than two interfaces. I would like to 
> have a setup where the m0n0 was just a very smart switch.
> That would allow me to have 47 clients, with 47 public, routable ips, and 
> ensure they can't transmit packets with each other's IP address as source.
>
> /Kasper