[ previous ] [ next ] [ threads ]
 
 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] VLAN build-out
 Date:  Fri, 24 Feb 2006 09:42:34 -0600
From: "Aaron Clasby" <aaron dot clasby at cox dot net>

>I just want to make sure I am in the right or if I am missing something.

> Currently I have the wrap with 1.21 connected as follows:

> WAN - cable
> LAN - Cisco AP 1200 via Dell PowerConnect (no VLANs)
> Opt - disconnected

> All traffic comes in via the LAN interface and out the WAN.

> I would like to create a secondary SSID on the AP, which would mean I have 
> to use VLANS, by default, there will be VLAN1, and then VLAN5 for 
> guests(insecure), and VLAN7(secured). This all would be via the LAN 
> interface. I would like VLAN5 to get an IP from m0n0 and go out the WAN 
> int, then anyone connecting securely via VLAN7, I would like their DHCP 
> requests to be forwarded via Opt1 to the internal net, thus also sending 
> all this particular traffic through Opt1. Is this possible or am I missing 
> something?

I think you are confusing yourself with trying to think of two things at 
once.  Lets start with the VLAN.

If the Cisco AP 1200 supports VLANs and multiple SSIDs you can set up 
multiple SSIDs on there own VLAN.  I do not know the cisco, but I have seen 
this done with a VLAN compatible switch, and multiple APs.

Once you have your VLAN, you treat them like the additional interfaces they 
are.  They will have whatever connectivity you give them in the firewall 
rules.

                        Lee