 From:  "Carsten Larsen" <info at blackboxdata dot dk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  multiple subnets on one monowall
 Date:  Fri, 4 Nov 2005 02:32:40 +0100
Hi all

 

First let me tell you how my network is

 

I have multiple networks like

 

192.168.1.0 / 24 gw 192.168.1.1 vlan 101

192.168.2.0 / 24 gw 192.168.2.1 vlan 102

192.168.3.0 / 24 gw 192.168.3.1 vlan 103

Etc etc etc 

Up to about 

192.168.15.0 / 24 gw 192.168.15.1 vlan 115

 

These are running on their own vlans connected to a bunch of HP2650 layer 2
managed switches, which all are connected to a Netgear GSM7312 Layer 3
switch, that is our default gateway for all these subnets

 

From the layer 3 switch, the traffic runs into a cisco pix 506 and then onto
our cisco 4000 router which runs our internet, and everything is fine

 

Now I'm trying to exchange the pix with a monowall, to get the traffic
shaper option on our entire network

 

The monowall has two Ethernet cards in, one for lan which is 192.168.1.2 / 24
gateway 192.168.1.1

The other for wan is 80.164.175.xxx / 28 gateway 80.164.175.xxx

 

I have in the monowall created a lot of static routes, one from every subnet
like

 

192.168.1.0 /24 gateway 192.168.1.1

192.168.2.0 /24 gateway 192.168.1.1

192.168.3.0 / 24 gateway 192.168.1.1

 

And so on

 

But I can't get this to work

 

When I'm sitting on vlan 101, with a pc with 192.168.1.50 and using
192.168.1.2 as my default gateway, I can get through to the internet, through
the monowall, and everything is fine. I can ping other machines on other
vlans, for example 192.168.2.50, so that is also working.

 

But if I'm using 192.168.1.1 (my layer 7 switch) for default gateway, and
define the next hop address in the layer 3 switch to be 192.168.1.2, I can't
get out.

 

I tried switching to vlan 103 and this doesn’t work either, I then have a
192.168.3.50 ip with 192.168.3.1 for gateway (same layer 3 switch), with
next hop address 192.168.1.2, NO GO

 

I hope you can understand what it is I want to do?

 

Just to clarify, in my layer 3 switch I define the next hop address, which
is normally my pix 192.168.1.7 and this is working flawlessly, but when I
change it to 192.168.1.2 it doesn’t work.

 

From the monowall I can ping the internet, and also machines on different
vlans, so it does have some kind of contact with them.

 

Also I have experienced that every time I make a change in the monowall and
press apply, I lose the monowall: it stops responding to ping, and I then have
to reboot the monowall, using option 5 in the menu interface. When rebooted
it has accepted the changes, but still, I think it's odd that it behaves
like this.

 

I'm using version 1.2 on the monowall

 

Hope that anyone can help me figure out what is wrong, or maybe just
clarify whether the monowall can handle all these subnets?

 

Sincerely

Carsten Larsen

Denmark