 From:  "Chris Janvrin" <chrisjanvrin at sellmytimesharenow dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Is there a hard limit to the maximum number of subnets allowed in m0n0wall?
 Date:  Wed, 11 Oct 2006 18:18:48 -0400
First off, thank you for looking.
 
I have searched the m0n0 handbook, the quick start guide, and prior m0n0
list entries without joy, so I figured I would ask the group. Please forgive
me if this has been covered before; I did try to find my own answers before
bothering all of you.
 
Is there a hard limit to the maximum number of subnets allowed in m0n0wall?
We are currently running a Soekris net4801-50 with lan1641 card, bringing
the total number of interfaces to seven. Our current configuration looks
like this:
 
64.140.xxx.xxx = WAN subnet (static)
192.168.1.1/24 = LAN subnet with approx 85 clients
192.168.3.1/24 = DMZ for statserver mapped to WAN IP using inbound NAT (no
proxy ARP)
 
We would like to better segment the internal subnets with specific blocking
rules for each, as well as add a couple of other subnets for other devices.
Like this:
 
192.168.1.1/24 = LAN subnet for administrators
192.168.2.1/24 = LAN subnet with more stringent block rules (myspace,
youtube, yahoo video etc)
192.168.3.1/24 = DMZ for statserver mapped to WAN IP using inbound NAT
192.168.4.1/24 = DMZ for webserver mapped to second WAN IP
192.168.5.1/24 = DMZ for VoIP bridge mapped to third WAN IP
 
If it helps, we are using an Adtran 924e to mux our data T1s. So far, any
attempt to configure a subnet above and beyond the three already configured
(WAN, LAN, and DMZ) has failed. I've been careful about the firewall rule
sets, tried both with and without DHCP, you name it.
 
Am I simply asking too much of a single instance of m0n0wall w/Soekris
net4801? I ordered a second Soekris yesterday, but it would be helpful to
know if I'm asking too much of the software for the sake of future growth.
 
Thank you again for any assistance or resources you can provide.
 
 
Chris Janvrin
Dover, NH USA
 
 
PS: We have had m0n0 deployed for a couple of months now, and our current
configuration has been absolutely wonderful! We are running around 85 client
PCs, five printers, two internal fileservers, a wireless access point, an
external stats server, four SNMP enabled Liebert UPS units, and a NAS
without any issues whatsoever :) Thank you m0n0wall!!