[ previous ] [ next ] [ threads ]
 
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] adding an access point to dmz
 Date:  Fri, 30 Dec 2005 15:46:15 -0600 
Chris Buechler wrote:
> On 12/30/05, Alan <alanp at qwest dot net> wrote:
>> 
>> I would like to add an netgear access point to the network so my
>> neighbor can access the internet however keep them away from my
>> network. I've tried to setup the m0n0wall w/ the config described in
>> the dmz section of the handbook w/ no luck. Does using the DMZ/ OPT1
>> interface make the most sense, or is their a better way?
> 
> 
> that definitely makes the most sense.  Make sure the AP is set to
> bridge over to the OPT interface on m0n0wall, not route or NAT some
> other subnet.  Not sure how to do that on a Netgear AP, refer to the
> manual.
> 
> If you can be more specific about what problems you're having, maybe
> we can provide more assistance.

I would add that when you define the OPT1 default rule make it a "NOT
LAN" rule. In other words, on the default rule check the "not" box and
make the destination LAN Subnet. This would allow the users on the OPT1
Subnet access anything EXCEPT the LAN Subnet - thus they could access
the internet.

_________________________________
James W. McKeand