[ previous ] [ next ] [ threads ]
 From:  "Kristian Shaw" <monowall at wealdclose dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] VLAN
 Date:  Thu, 18 Jan 2007 19:38:22 -0000

On the m0n0wall interface screen you need to set the LAN interface to 
VLAN30, rather than trying to assign to OPT1.

In your original example, with sis0 as the LAN, that makes it effectively on 
the default/native VLAN on your switch (e.g. on Ciscos, VLAN 1 is by default 
all untagged traffic on a trunk port).



----- Original Message ----- 
From: "Peter Boosten" <peter at boosten dot org>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Thursday, January 18, 2007 6:56 PM
Subject: Re: [m0n0wall] VLAN

> Neil A. Hillard wrote:
>> Hi,
>> In message <45AD4219 dot 3020403 at boosten dot org>, Peter Boosten
>> <peter at boosten dot org> writes
>>> mtnbkr wrote:
>>>> Peter Boosten wrote:
>>>>> Hi all,
>>> [snip]
>>>> First, you need to set the baystack port to "tagged trunk".
>>>> Next, you need to create another VLAN and assign it to that port. Call
>>>> the VLAN what you like, but this will be for the 
>>>> network.
>>>> I believe that here is where you went wrong:
>>>> On the m0n0wall, in the Interfaces --> Assign page you need to 
>>>> configure
>>>> your LAN interface to be the same VLAN that you just added to the
>>>> baystack port for the network.
>>> Bill,
>>> Thanks for your answer.
>>> So what you're basically saying is that one of the VLANs needs the same
>>> IP address as the LAN interface?
>>>> If your LAN interface is currently assigned to the hardware interface
>>>> (sis0 on wrap - I do not know what m0n0 sees the ethernet ports as on a
>>>> soekris) it will not work. The LAN interface needs to be on the correct
>>>> VLAN.
>>> This doesn't make sense: since it's a trunk, it'll be on several VLANs,
>>> right?
>> I think the point is that you have to either use the physical device OR
>> use VLANs, you can't use a combination, by setting an untagged VLAN on
>> your switch.  Your LAN interface must be one of the VLAN devices.
>> I hope that's clearer!
> Nope, unfortunately it isn't (sorry).
> The current situation (and that's the situation it has always been), is
> that the LAN interface had IP address
> http://www.boosten.org/m0n0wall/lan.png
> What I want to achieve is that the physical adapter (sis0) is connected
> to a trunk port on my switch, supporting VLAN 30 and 40.
> So the first thing I did was creating two VLANs on m0n0wall:
> http://www.boosten.org/m0n0wall/vlan.png
> Next I assigned these VLANs to sis0:
> http://www.boosten.org/m0n0wall/interfaces.png
> After that I assigned both VLAN interfaces an IP address:
> http://www.boosten.org/m0n0wall/vlan30.png
> and
> http://www.boosten.org/m0n0wall/vlan40.png
> Obviously altering the switch at this point to trunked port didn't work,
> since I cannot reach my m0n0 from either VLAN after this. Setting the
> port to untrunked lets me reach m0n0 again from my 
> network.
> What should be the next step I should take (I tried removing the IP
> address from the LAN interface, but that cannot be done, the GUI makes
> it mandatory).
> Thanks in advance for any hints in the right direction.
> Kind regards,
> Peter
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch