[ previous ] [ next ] [ threads ]
 From:  Peter Boosten <peter at boosten dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] VLAN
 Date:  Thu, 18 Jan 2007 19:56:23 +0100
Neil A. Hillard wrote:
> Hi,
> In message <45AD4219 dot 3020403 at boosten dot org>, Peter Boosten
> <peter at boosten dot org> writes
>> mtnbkr wrote:
>>> Peter Boosten wrote:
>>>> Hi all,
>> [snip]
>>> First, you need to set the baystack port to "tagged trunk".
>>> Next, you need to create another VLAN and assign it to that port. Call
>>> the VLAN what you like, but this will be for the network.
>>> I believe that here is where you went wrong:
>>> On the m0n0wall, in the Interfaces --> Assign page you need to configure
>>> your LAN interface to be the same VLAN that you just added to the
>>> baystack port for the network.
>> Bill,
>> Thanks for your answer.
>> So what you're basically saying is that one of the VLANs needs the same
>> IP address as the LAN interface?
>>> If your LAN interface is currently assigned to the hardware interface
>>> (sis0 on wrap - I do not know what m0n0 sees the ethernet ports as on a
>>> soekris) it will not work. The LAN interface needs to be on the correct
>>> VLAN.
>> This doesn't make sense: since it's a trunk, it'll be on several VLANs,
>> right?
> I think the point is that you have to either use the physical device OR
> use VLANs, you can't use a combination, by setting an untagged VLAN on
> your switch.  Your LAN interface must be one of the VLAN devices.
> I hope that's clearer!

Nope, unfortunately it isn't (sorry).

The current situation (and that's the situation it has always been), is
that the LAN interface had IP address


What I want to achieve is that the physical adapter (sis0) is connected
to a trunk port on my switch, supporting VLAN 30 and 40.

So the first thing I did was creating two VLANs on m0n0wall:


Next I assigned these VLANs to sis0:


After that I assigned both VLAN interfaces an IP address:


Obviously altering the switch at this point to trunked port didn't work,
since I cannot reach my m0n0 from either VLAN after this. Setting the
port to untrunked lets me reach m0n0 again from my network.

What should be the next step I should take (I tried removing the IP
address from the LAN interface, but that cannot be done, the GUI makes
it mandatory).

Thanks in advance for any hints in the right direction.

Kind regards,