 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] questions
 Date:  Fri, 3 Feb 2006 10:57:57 -0600
From: "Jim Thompson" <jim at netgate dot com>
> Marc M. Adkins wrote:

Some additional comments...

>> I wanted to confirm that I can in fact use all three ethernet ports and 
>> create a usable DMZ on one of them.  I understand that total bandwidth 
>> will not be huge, but my DSL pipe isn't huge.  I want something that will 
>> get me started...if I ever need bigger iron I'll hopefully have 
>> justification for bigger expenditures.  I do see the DMZ section in the 
>> documentation...I just wanted to make sure the WRAP board with three 
>> ethernet ports will do this.

> Yes, the third port will end up as "OPT1".

Yes.

>> The other question...just curious...I'm using a DSL modem now.  Will 
>> m0n0wall connect directly to DSL line if I'm so inclined?  I have heard 
>> horror stories about doing this from a *NIX-based firewall box and in 
>> fact had some delays originally getting the modem properly configured.  I 
>> do remember it being PPPoE something-or-other...which seems to be in the 
>> m0n0wall documentation.  Not a necessary item since I have the DSL modem, 
>> but I like the idea of one less piece of hardware and then I have a spare 
>> for failover.

> If your DSL provider uses PPPoE, then you'll need to use that.  Many DSL 
> providers no longer require PPPoE, and instead just hand your equipment an 
> IP address via DHCP.

There are two questions here.  "Doing DSL" and PPPoE.  m0n0wall does PPPoE, 
and does it well.  DSL, however, is a different electrical standard from 
ethernet.  There are DSL cards, but m0n0wall does not support them at this 
time.

That said, you will get an adapter from your provider.  It will either be a 
smart or a dumb device.  A dumb device is where you have to put a PPPoE 
stack within Windows to use it directly.  A smart device will do NAT and 
DHCP for you, and allow several computers in your home to connect at once. 
You can connect m0n0wall to one of these devices, but you will have problems 
if you do this.  (Double NAT, and port forwarding issues, as well as making 
VPN to home not work)  To make it work "right" you have to turn the smart 
adapter into a dumb one.  This is called "setting it into bridge mode" and 
is documented all over.  Then m0n0wall does the PPPoE, and has a real IP 
address in the real internet.

>> WRT wireless, which I wouldn't have on a bet without a reliable firewall 
>> (being one paranoid SOB), I'm wondering if anyone has input on cards and 
>> antenna configurations.  This is just a stand-alone house configuration. 
>> All my wiring is in a centrally located utility room in the basement, 
>> only one floor above that.  I figure a 60-90 foot sphere covers the house 
>> but I'm not knowledgeable about antennas and we seem to have continuous 
>> coverage issues with OTS wireless hardware at work (concrete and 
>> reinforced steel construction in downtown Seattle vs. normal wood frame 
>> house if that matters).

> Unless you are *very* good, and like messing with the software, your best 
> bet for wireless, if you want "Access Point" functionality is to get one of 
> the prism2.5-based miniPCI cards on the market.   Since Prism-anything has 
> been EOLed, and has been "non-competitive" in price (at the chipset level) 
> for years, your choice comes down to finding something on eBay, stripping 
> something out of a notebook (many of the earliest 11b notebooks carried 
> such a card).   If you want a 'new' card you're essentially limited to the 
> ones by Zcommax or Senao/Engenius.  There are several resellers for both 
> brands (ODMs) on the web.   A few of them even know how to spell 
> "m0n0wall".

It is hard to find supported cards, and the hostAP code is not all that 
nice.  Most people recommend a cheap AP.  You can get one for less than you 
would pay for a supported wireless card.

                        Lee
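
Added example, not part of the original message: a small check for the double-NAT situation described above, which reads FreeBSD-style `ifconfig` output and reports whether the firewall's WAN interface holds an address that is itself behind another translator. The interface names (`sis0`, `sis1`, `ng0`), the addresses and both sample outputs are constructed for illustration.

```python
import ipaddress
import re

# Address ranges that are not reachable from the internet; a WAN address
# inside one of them means some upstream device is doing NAT as well.
NON_PUBLIC = [
    ("RFC 1918 private", "10.0.0.0/8"),
    ("RFC 1918 private", "172.16.0.0/12"),
    ("RFC 1918 private", "192.168.0.0/16"),
    ("RFC 6598 carrier-grade NAT", "100.64.0.0/10"),
    ("RFC 3927 link-local", "169.254.0.0/16"),
]

# Constructed sample: WAN (sis1) gets a DHCP lease from a "smart" modem.
ROUTED_MODEM = """\
sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\tinet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
sis1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\tinet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
"""

# Constructed sample: modem in bridge mode, PPPoE session terminates on ng0.
BRIDGED_MODEM = """\
sis1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1492
\tinet 203.0.113.7 --> 203.0.113.1 netmask 0xffffffff
"""

def parse_ifconfig(text):
    """Return {interface: [IPv4 address strings]} from ifconfig output."""
    addrs, current = {}, None
    for line in text.splitlines():
        head = re.match(r"^(\w+): flags=", line)
        if head:
            current = head.group(1)
            addrs[current] = []
            continue
        inet = re.match(r"^\s+inet (\d+(?:\.\d+){3})\b", line)
        if inet and current:
            addrs[current].append(inet.group(1))
    return addrs

def upstream_nat_reason(addr):
    """Name the non-public range an address falls in, or None if public."""
    ip = ipaddress.ip_address(addr)
    for label, net in NON_PUBLIC:
        if ip in ipaddress.ip_network(net):
            return label
    return None

def check_wan(text, wan_if):
    """List (address, reason) for the WAN interface; reason None = no double NAT."""
    found = parse_ifconfig(text).get(wan_if)
    if not found:
        raise ValueError(f"no IPv4 address on {wan_if}")
    return [(a, upstream_nat_reason(a)) for a in found]
```
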