 From:  David Burgess <apt dot get at gmail dot com>
 Cc:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Multiple internal networks
 Date:  Sun, 25 Jan 2009 15:19:08 -0700
On Sun, Jan 25, 2009 at 9:09 AM, Lee Sharp <leesharp at hal dash pc dot org> wrote:

> Peter Pauly wrote:
>> I am routing multiple internal networks to the firewall. Besides
>> adding static routes, is there anything special I need to do to
>> configure m0n0wall to handle this situation?  What about LAN side
>> rules?
> First, are you hooking up a router with networks behind it, or adding NICs
> for additional networks?  If the latter, you don't need static routes.  That
> is for routes to networks 1 or more hops away from m0n0wall.
> Second, firewall rules are "In" to the interface you are working with. The
> default LAN rule is wide open, but few people leave it like that. Make sure
> you have rules for your other networks.

Third, if you have a third NIC, i.e., OPT1, the default rule is to block, so
you'll have to grant explicit access to other networks for anything /not/ on
the LAN