I am in the process of setting up a second LAN (Wireless) using m0n0wall to bridge them. The first is the regular local LAN, the second being just an access point to connect to one specific webserver within the first LAN. I have done two different configs of m0n0wall, one allowing DNS and the other rejecting DNS.

Ideally with the secure config we want to be able to connect to this specific internal webserver only. At the moment we can only access other computers on the first LAN by using the IP address. Same goes for accessing the internet.

Any ideas on how I could lock this down some more? One idea I had, since the WAN interface is static, I could set the gateway to use just the internal website's IP address. But as for blocking the first LAN, I would have to block whatever ports Windows uses for LAN communication which seems to be kind of difficult to narrow down. One option could be to just block all ports above 80, but for some reason that seems a little too restrictive.

Any ideas or thoughts would be appreciated.

Sean Waite
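An added example, not part of the original post: a small first-match, default-deny rule model that compares a single pass rule for the web server with the "block all ports above 80" idea, over constructed flows from a wireless client. The addresses and the rule tuple format are assumptions for illustration and are not m0n0wall configuration syntax.

```python
import ipaddress

# Constructed address (assumption, not from the post).
WEB_SERVER = "192.168.1.10"

# Rule format (hypothetical): (action, protocol, destination network, (low, high) port)
ALLOW_ONE_HOST = [
    ("pass", "tcp", WEB_SERVER + "/32", (80, 80)),
]  # everything unmatched falls through to the default deny

BLOCK_ABOVE_80 = [
    ("block", "any", "0.0.0.0/0", (81, 65535)),
    ("pass", "any", "0.0.0.0/0", (1, 80)),
]

def decide(rules, proto, dst_ip, dst_port):
    """First matching rule wins; no match means block (default deny)."""
    dst = ipaddress.ip_address(dst_ip)
    for action, r_proto, net, (lo, hi) in rules:
        if r_proto not in ("any", proto):
            continue
        if dst in ipaddress.ip_network(net) and lo <= dst_port <= hi:
            return action
    return "block"

# Constructed flows originating on the wireless segment.
FLOWS = [
    ("web server HTTP", "tcp", WEB_SERVER, 80),
    ("other LAN host HTTP", "tcp", "192.168.1.20", 80),
    ("LAN host telnet", "tcp", "192.168.1.20", 23),
    ("LAN DNS", "udp", "192.168.1.1", 53),
    ("Windows NetBIOS session", "tcp", "192.168.1.20", 139),
    ("Windows SMB", "tcp", "192.168.1.20", 445),
    ("Internet HTTP", "tcp", "203.0.113.5", 80),
]

def compare():
    """Return {flow name: (allow-one-host verdict, block-above-80 verdict)}."""
    return {
        name: (decide(ALLOW_ONE_HOST, p, ip, port),
               decide(BLOCK_ABOVE_80, p, ip, port))
        for name, p, ip, port in FLOWS
    }

if __name__ == "__main__":
    for name, (one_host, above_80) in compare().items():
        print(f"{name:26} allow-one-host={one_host:5}  block-above-80={above_80}")
```

In this model the port-range policy stops SMB and NetBIOS but still passes every service on port 80 or below to any host, while the single pass rule admits only the web server flow.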