[ previous ] [ next ] [ threads ]
 
 From:  "Holger Bauer" <Holger dot Bauer at citec dash ag dot de>
 To:  "Geoff Brisbine" <geoff dot brisbine at gmail dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Using m0n0wall as a QoS bridge?
 Date:  Wed, 22 Feb 2006 16:14:05 +0100
Set it up like this:
Provider DSL-Line-----------wan/old router/lan------WAN/m0n0/OPT1------Clients

At the m0n0 bridge OPT1 to WAN and enable filtering bridge at System>Advanced. You need an unused
LAN interface in your box as you can't bride LAN to WAN (designlimitation). Add firewall rules to
your WAN and OPT1 to allow all traffic. For the WAN IP choose a free IP of your local subnet. You
then can do the administration via the m0n0s WAN IP. Make sure all clients are behind the m0n0, so
all traffic gets shaped. This way the m0n0 only does traffic shaping and is besides of this
transparent.

Holger

> -----Original Message-----
> From: Geoff Brisbine [mailto:geoff dot brisbine at gmail dot com]
> Sent: Wednesday, February 22, 2006 5:28 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Using m0n0wall as a QoS bridge?
> 
> 
> Greetings, all.
> 
> I've got a firewall, which has some great features, but is lacking
> QoS.  Being over DSL it's quite a problem when I'm downloading and
> uploading (and will be compounded when I start using VoIP).
> 
> Is is realistic or feasible to have a m0n0wall box in between my DSL
> modem and my current firewall, which would only be used for traffic
> shaping?
> 
> I'm trying to wrap my brain around what would need to be configured. 
> My current firewall is NATing for the internal clients, but I may need
> to disable NAT on that box since the m0n0wall box would be the last
> piece of equipment before the Internet.  Would I do 1:1 NAT to allow
> all traffic from the Internet to be sent directly to my current
> firewall?
> 
> I'd like to have the m0n0wall box provide an IP address to my current
> firewall via DHCP (static mapping) so I could leave my current
> firewall in DHCP mode.  This would allow me to, without
> reconfiguration, remove the m0n0wall box and be back in working order.
> 
> It seems like a lot of work to keep my current firewall in the mix,
> but like I said, I really like it.  :)
> 
> Any ideas?
> 
> Thanks,
> 
> Geoff
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 

____________
Virus checked by G DATA AntiVirusKit