[ previous ] [ next ] [ threads ]
 
 From:  =?ISO-8859-1?Q?Sebastian_B=F6hm?= <seb at exse dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] ethernet frame routing
 Date:  Sun, 21 Oct 2007 07:42:27 +0200
Am 20.10.2007 um 19:03 schrieb Lee Sharp:


>> Hi,
>> I want to install a new firewall and someone suggested me to use  
>> m0n0wall with a soekris board.
>> I have one question regarding features:
>
> [snip]
>
>> those two nets (x.y.z.0/28 and x.y.z.80/28) sit on the same  
>> interface (eth1) , and have their default route at .1 and .81
>
> This is a bad thing.  With 2 collision domains on one flat network,  
> you will have a lot more collisions and other hard to diagnose  
> issues. Additionally, security is out the window.  You can get into  
> the guts of m0n0wall and make this happen, but it is not  
> recommended.  An additioanl nic or vlans is the best way to go.

Hi Lee,

I know that.

(by the way: it not THAT insecure, as I have no internal security  
issues and I checked the switch and there are no issues with  
collisions, so I am fine)

But how do I setup a transparent (bridging) m0n0wall which redirects  
traffic that comes from one net and goes to the other net not to the  
default router, but redirects it.

/sebastian

>
> 			Lee
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>