[ previous ] [ next ] [ threads ]
 From:  "Paul Rupp" <internet at acorp dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  M0n0wall + Two Wireless Networks + Wired Network
 Date:  Fri, 5 Aug 2005 16:24:53 -0600
I am trying to integrate m0n0wall (built on generic PC) into my current network situation.  The goal
is to provide community wireless access to my spare bandwidth without opening up my "internal"
wired/wireless network to everyone in the world.  I'd like to do this with as little disruption to
the internal network as possible (I'm running servers, port forwarding, etc., already set up and
working!).  Currently I have a standard LAN (Cable Modem -> Wired/Wireless).  I have both wired and
wireless clients on the internal network.

I can get M0n0wall working when I plug my Cable Modem into m0n0's WAN port, and my "outside" Access
Point into m0n0's LAN port, but of course that prevents my internal network from having access to
the internet.

Essentially the question I have, is how do I share my Cable/WAN connection to BOTH my current
router, and also to the m0n0wall box?  I might be able to add another ethernet NIC into the m0n0wall
system and "promote" m0n0wall to next in line after the cable modem, but would rather not.  I'd
rather not do this to avoid adding another layer of complexity to my internal network (port forwards
already setup, etc.) and also I may in the near future purchase a dual-WAN router (for two broadband
connections) and this would complicate that scenario as well.

In my current setup (described below), I can connect to the "external" Access Point, but don't have
Internet connectivity.  Ideally my setup would look like this (but this doesn't seem to work):

Cable Modem (External IP)
Router/Wireless Network (Internal IP/DHCP Server
|    |
|    ----- Internal Wired Network
------(WAN IP from Router DHCP)-- M0n0wall (DHCP Server on LAN
                                                        |----- (LAN port IP from m0n0wall DHCP) AP
for "external" wireless Internet 

In the future I will incorporate at least Captive Portal technology, and possibly RADIUS
authenticated external users into the mix, so ideally any suggestions will allow for this.  I've
searched the archives for two days straight, but maybe I'm not clear enough about what I'm trying to
do, or what search terms to  use.  I'm sure I'm missing something obvious; SOMENONE must have tried
to do this before!  Can anyone point me in the right direction?


- Paul