On 09.12.2003, at 12:56, Tonni Aagesen wrote:
> My aim with the box is to share a internet connection between some
> clients on the lan, NAT a few ports to some servers, and else block
> unwanted trafic. My setup looks like this:
Nothing is easier than that. Start with the factory default
configuration. By default, the LAN interface is sis0 (Net0 on the
net4801) and WAN is sis1 (Net1), so you don't even have to change the
- Use the console menu to assign the IP address 10.0.0.1/24 to the LAN
- Enable the DHCP server on LAN, too.
- Set up all your clients to use DHCP.
- Access the webGUI from a client (http://10.0.0.1 in this case).
- Configure the WAN interface with the appropriate settings if you're
not using DHCP on WAN.
- Add a few NAT rules (along with auto-added filter rules) to
selectively permit inbound traffic to some ports on your servers.
Voilà, you're done. By default all outgoing traffic is permitted while
all incoming traffic is denied.
If you don't want to use DHCP on LAN, then that's fine, too - just make
sure your clients use m0n0wall as their default gateway and have some
DNS servers assigned, too.
> 1) Is the "Brigde" mode nessecary to get clients on LAN on the
Definitely not. Bridge is only necessary in special scenarios, and I
recommend staying away from it if at all possible, because it makes
things less than straightforward.