|
||||||||
Andrew Harvey wrote: > On 14/10/2005, at 11:56 AM, Bryan Catlin wrote: > >> Not to keep beating this down, but I do not want the users to have >> to change a thing on their laptops. No matter what their IP >> settings are I want the monowall to give them access to the Internet >> IE the wan side. From what I understand this can be done by >> ignoring IP traffic and just using the MAC address. >> > > From what *I* understand this is impossible. It's not a matter of > what IP you have, but knowing where the gateway is. As I said before, > all traffic to anywhere outside the subnet the computer is on needs > to go through a gateway, and the client needs to know what gateway to > use. Thus a setting needs to be changed. This can be using DHCP or by > manual changes, but something has to change on the client. I can't > think of any simpler way to put it. IF you can get traffic to your > m0n0wall, then you can think about getting it through. It is not that it is impossible, it just breaks many networking rules. This is done in many places where public Internet is available. For it to work, the gateway has to be intelligent enough to allow clients to use ANY IP configuration. The gateway has to be able to reply to any request. When a client with a static address tries to reach its gateway and fails it will do an ARP request. The gateway must be able to say "yes that is me - here is my MAC address for your ARP cache." Can m0n0wall do this? Not at this point. It has been discussed in the past on the list - I'm too lazy this morning to search the list for you... _________________________________ James W. McKeand |