[ previous ] [ next ] [ threads ]
 
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Blocking ARP Requests? Even Possible?
 Date:  Mon, 7 Apr 2008 18:55:28 -0400
On Mon, Apr 7, 2008 at 5:57 PM, Adam Piasecki
<apiasecki at midatlanticbb dot com> wrote:
> Well, there is a point in doing it,  I can't assign a secondary IP address's
> in m0n0wall(LAN SIDE). The only way around this was to use another NIC card.
>

You can via ifconfig alias commands, I wouldn't recommend it though.
The reason I say there's no point in it is you have no benefit of
having a management IP on the same broadcast domain. It's easy enough
to figure out what it is and reconfigure your machine to be within
that subnet. You get the same results by controlling management access
via firewall rules and only using one interface and subnet (after
adding rules permitting management access, disable the antilockout
rule on the Advanced page so it drops everything else).

-Chris