Is there any way to set it like?
DSL ----- WAN/m0n0/OPT1 ----- WAN/FW2/LAN ----- clients
The features that I like for the firewall are more features for the
internal side rather than the external side.
I looked at section 14.3 in the documentation for a filtered bridge,
but it appears to be going by the theory that you are allocated a
subnet by the ISP, where you will use one for WAN and the rest for
OPT1. I'm just getting one IP from my ISP, so the addresses would
m0n0_WAN: 220.127.116.11 (public)
Can I bridge the WAN to a different network on an OPT? I can't choose
a /32 for bridging on OPT1. Also, since I only have one IP from my
ISP (that will be on m0n0_WAN), I assume I'll have to set up some NAT
rules for the traffic that's coming from FW2_WAN?
I would presume for configuration I would just plug m0n0_LAN into my
main switch, let it obtain an IP address and then configure it that
On 2/22/06, Holger Bauer <Holger dot Bauer at citec dash ag dot de> wrote:
> Set it up like this:
> Provider DSL-Line-----------wan/old router/lan------WAN/m0n0/OPT1------Clients
> At the m0n0 bridge OPT1 to WAN and enable filtering bridge at System>Advanced. You need an unused
> LAN interface in your box as you can't bridge LAN to WAN (design limitation). Add firewall rules to
> your WAN and OPT1 to allow all traffic. For the WAN IP choose a free IP of your local subnet. You
> then can do the administration via the m0n0's WAN IP. Make sure all clients are behind the m0n0, so
> all traffic gets shaped. This way the m0n0 only does traffic shaping and is besides of this