[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Something is wrong with Monowall 1.2 and Rules
 Date:  Fri, 9 Dec 2005 16:28:59 -0500 
On 12/9/05, Peter B. <monowall at linuxnet dot ch> wrote:
>
> Internet <-> Monowall <-> LAN
>
> My LAN Port got ip 172.16.1.1/24
>

then only 172.16.1.0/24 IP's can be on your LAN, unless you have a
router on your LAN (and static routes configured appropriately for
that router).  The traffic from those public IP's is dropped because
those IP's are not within your LAN subnet, and not defined by any
static routes, therefore can't be a valid network off that interface. 
If you have a public/separate IP subnet, you have to put it off of a
different interface (physical or virtual).

As for the VLAN setup, that would work fine, if you have the trunk
port and VLAN tags configured appropriately.

-Chris