[ previous ] [ next ] [ threads ]
 
 From:  Ralf Petry <petry at cypy dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] VLANs with seperate WANs
 Date:  Wed, 13 Nov 2013 09:00:22 +0100
hy,
my technical and firewall understanding is probably not as profound as 
it is with the others posting to your question, but nevertheless: why 
not put the printer into a dmz that can be reached from both subnets?
have a nice day...

Am 13.11.13 02:25, schrieb Daniel Jokinen:
> Hi guys,
>
> I'm turning to you for help, since I can't figure out something good enough myself. I have a
customer request, as follows.
>
> They have two seperate physical LANs today, each with their own WAN setup. They're located in the
same building and utilizes the same cabling, although they've patched themselves apart and have
setup small switches to accomodate port needs.
>
> Now they would like to share an MFP printer. But, it's still imperative that they don't reach each
others networks, and they need to use their own WANs as well.
>
> It seems I would need to setup a router with 5 physical ports; 3 VLANs and 2 WANs, and static
route the traffic so that each VLAN uses their own WAN. VLAN 1 and 2 wouldn't route, except to VLAN
3 where the MFP sits. Am I making any sense?
>
> Now the real problem is finding a solution to all these independent ports. As far as I know, m0n0
just supports 3 ports, correct? And looking at vendor stuff they all seem to come with load
balancing auto WAN ports that just wouldn't cut it. I've looked at pfsense which can handle up to 60
or more ports, but I don't know if that can be WANs or only LANs. As always, I'd prefer m0n0 within
a neat appliance, but I didn't see one with 5 ports (only pfsense), and also it's getting pretty
expensive in that region.
>
> Any tips or ideas?
>
>
> Med vänliga hälsningar
>
> Daniel Jokinen
> Linford Communication AB
> 019-277 22 73
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch