 From:  "Brian McEntire" <brian dot mcentire at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Can m0nowall be a bridging firewall or do NAT passthrough?
 Date:  Tue, 4 Apr 2006 13:49:48 -0400
  I'm new to Monowall. I've read the FAQ and skimmed the manual but didn't
see this answered (I might have missed something though.)

  I have a group of about 5 systems that are dual homed. One LAN they
connect to belongs to us, and the other is another department's which we use
to get a data feed from a particular server but would otherwise like to
filter out. The NICs in each of our hosts have one IP address on our LAN and
another on the other LAN.

  We would like to firewall off all the traffic from the "other" LAN aside
from a few ports we need to get our data feed. If our hosts were not on the
same LAN as the host serving the data feed, it would just be a regular
firewall rule. But since they are on the same LAN that we want to filter
from, I think we need a bridging firewall type setup.

  Can M0n0wall act as a bridging firewall? Saw on the list there was a patch
for this but hoping this is now integrated into the official release.

  Other than a bridging firewall, is there another way to approach this
using Monowall? Read about advanced outbound NAT but am not sure if that
would accomplish the same as the bridging firewall scenario.

  We cannot renumber these hosts.

  The solution will probably look something like this:

+-"other LAN" (hub or switch)
+-Monowall outside IF
     (layer 2 f/w?)
+-Monowall inside IF
+-hub-{our hosts plugged in here}

Thanks for any help,