Hi,

>Soekris 4501 with MW 1.3b2.
>
>WAN eth0       192.168.1.0/24 with an IP of 192.168.1.200
>
>LAN eth1       192.168.2.0/24 with an IP of 192.168.2.200
>Works Great.
>
>Shouldn't I be able to add:
>
>opt1   eth2    192.168.2.201/24 in same subnet as the LAN on eth1?
>
>I've tried it and can't get anything to route through it.
>
>I've done the firewall rules for opt1.
>
>I think it should just work.
>
>If I change opt1 to a separate subnet like 192.168.3.0/24 then it all
>comes right and works.
>
>Does every nic have to be on a separate subnet to work?
>
>I want to be able to add IPs to each nic and have them all on the same
>subnet on the lan side.
>
>Am I trying to do something that can't be done?

In a word - yes!  Each interface should be in its own broadcast domain -
what you've been trying to configure is two interfaces in the same
broadcast domain - how could m0n0wall know which interface to route a
packet to?

Now if you only have a need for two 'LAN' interfaces then you could
bridge them together.  Enable filtered bridge and then you can control
what traffic passes between the two 'LAN' interfaces.

Both 'LAN's will still use 192.168.2.200 as the address for m0n0wall.

HTH,


                                Neil.

-- 
Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk