You might want to add the ICMP rule as 'any to interface IP only' to
protect other networks instead of an allow any any.

-Mike


-----Original Message-----
From: Sasa Baksa [mailto:sasa dash stjepan dot baksa at os dot t dash com dot hr] 
Sent: Friday, September 28, 2007 3:56 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] m0n0 and VLANs problem setting up

My be allowing ICMP on firewall for that interface (vlan)

Sasa

P.S.
I have sent e-mail about vlans directly to you - not to list. Sorry for 
that.

----- Original Message ----- 
From: "Joe Lagreca" <joe at BIGnetOnline dot com>
To: "Chris Buechler" <cbuechler at gmail dot com>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Friday, September 28, 2007 8:49 AM
Subject: Re: [m0n0wall] m0n0 and VLANs problem setting up



> I am currently working with a Netgear FSM7328S 24 port switch.  I have
> the VLAN's somewhat working.  Meaning, I have assigned ports 1-6 to be
> on vlan 201.  1-6 are also untagged, where 24 (my trunk) is tagged.
>
> Now when I plug a computer into 1-6, I get a 192.168.201.199 IP
> address, which is exactly what my m0n0wall is told to hand out to 201
> vlan.  However, I can NOT ping my vlan interface IP of 192.168.201.1.
>
> I'm not doing any routing in the switch.  Do I need a static route in
> the m0n0wall?
>
> Please keep in mind, I don't know much about what I'm doing, so feel
> free to suggest, even if you think its obvious.  Thanks!
>


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch