[ previous ] [ next ] [ threads ]
 
 From:  "Neil A. Hillard" <m0n0 at dana dot org dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Two separate local LANs? (on LAN & OPT1 -> WAN)
 Date:  Sun, 31 Dec 2006 12:48:42 +0000
Hi,

In message <8C8FAEDF4004FE4 dash F58 dash 1F83 at WEBMAIL dash DC20 dot sysops dot aol dot com>,
jhonyl at aim dot com writes
>I want to have two separate local LANs. So far I could make only one LAN one
>WAN. I do have 3 working ethernet cards in the PC. All have IPs, and
>seems to be
>identified and assigned values well. However the OPT1 lan card (that also have
>allow rules) doesn't seem to function. I can't even ping from it to the local
>network to which it is connected.
>
>To repeat I have 3 ethernet cards, one is connected to a WAN switch, its IP is
>10.1.0.137 (255.0.0.0). one is connected to the first switch and its IP is
>10.0.0.134 (255.255.255.0). And the OPT1 IP is 10.0.0.137
>(255.255.255.0) and it
>is connected to the second lan switch.

Your problem is that all of your address ranges overlap.  For a router
to work properly they need to be in different subnets.

10.0.0.134/24 and 10.0.0.137/24 for LAN and OPT1 are in the same range.
You could solve this by bridging LAN and OPT1 and enabling the filtered
bridge so you can restrict traffic flowing between them.

However, your WAN address 10.1.0.137/8 encompasses the above addresses
so you are doomed to failure.

You need to resolve these addressing issues and then you should find
things start to work.  If you're unable to change your WAN address range
then look at using the other RFC1918 address ranges for LAN and OPT1
(192.168/16 and 172.16/12).

HTH,


                                Neil.

-- 
Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk