[ previous ] [ next ] [ threads ]
 
 From:  "Bryan Brayton" <bryan at sonicburst dot net>
 To:  "Joe Lagreca" <lagreca at gmail dot com>, "Monowall List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: Re: [m0n0wall] How to subnet OPT1 and still offer DHCP for each subnet?
 Date:  Fri, 20 Aug 2004 13:13:50 -0400
Well, if you must use the Linksys, you could turn the linksys router around backward, so to speak. 
Connect its WAN port to the client's LAN switch then use the wireless on the linky's lan as your
link to the m0n0 box.  As long as you were straight routing without NAT that would work, but I don't
know if you can turn the DHCP server on the Linksys to serve on it's WAN port though.
 
-Bryan

________________________________

From: Joe Lagreca [mailto:lagreca at gmail dot com]
Sent: Fri 8/20/2004 1:14 PM
To: Bryan Brayton; Monowall List
Subject: Re: Re: [m0n0wall] How to subnet OPT1 and still offer DHCP for each subnet?



I believe that can be done, however the connection from my office to 
my clients office will be via wireless, which is on the LAN side.  So 
I was just going to ignore the WAN port alltogether.  I was going to 
turn DHCP on for the client LAN and give clients their DHCP from the 
CPE Linksys. 

Joe 


On Fri, 20 Aug 2004 07:01:22 -0400, Bryan Brayton <bryan at sonicburst dot net> wrote: 
> Joe, 
> 
> You should be able to turn off NAT on the client routers and just use 
> them as straight routers, correct?  I know my linksys can work as an 
> honest to goodness router. 
> 
> Bryan 
> 
> 
> 
> -----Original Message----- 
> From: Joe Lagreca [mailto:lagreca at gmail dot com] 
> Sent: Friday, August 20, 2004 1:26 AM 
> To: Bryan Brayton 
> Cc: Fred Wright; m0n0wall at lists dot m0n0 dot ch 
> Subject: Re: Re: [m0n0wall] How to subnet OPT1 and still offer DHCP for 
> each subnet? 
> 
> Bryan, 
> 
> I'm sorry for the confusion, I may have thrown a few ideas around at 
> once.  However my goal the whole time has been to try and prevent a 
> NAT behind another NAT. 
> 
> My m0n0 wall be doing a NAT for OPT1, and all my clients will hang off 
> of that.  If I subnet OPT1 I believe I can prevent a NAT behind NAT 
> situation. 
> 
> The easiest situation would have been to assign each client an 
> internal IP address, and then do a NAT on that to create their own 
> private internal network. 
> 
> I was just afraid of any support issues with NAT behind NAT, thinking 
> that some things may not work correctly.  If I go with subnetting, it 
> will eliminate any of those problems. 
> 
> I hope I make more sense now. 
> 
> BTW, I will be using Linksys WRT54G's at my main AP and also at the 
> client end.  They are running Sveasoft firmware, which supports OSPF 
> routing.  However that is a whole new ball game that I'm not sure I 
> wanna get into right now. 
> 
> On Thu, 19 Aug 2004 21:56:21 -0400, Bryan Brayton <bryan at sonicburst dot net> 
> wrote: 
> > Maybe I'm missing something here, but didn't Joe have client routers 
> in 
> > the mix? 
> > 
> > So without IP aliases, but with static routes on the m0n0 on the LAN 
> (or 
> > OPT or whatever) pointing at the various internal routers, wouldn't 
> this 
> > work: 
> > 
> >    WAN 
> >     | 
> > Joe's M0n0 box 
> >     | 
> >    LAN 10.1.0.1/24 
> >     | 
> >     | 
> >     |---------------------------------------- 
> >     |                                       | 
> > Client 1 Router WAN 10.1.0.2/24          Client 2 Router WAN 
> 10.1.0.3/24 
> >     |   (default rt 10.1.0.1)               |    (default rt 10.1.0.1) 
> >     |                                       | 
> > Client 1 Router                          Client 2 Router 
> >     |                                       | 
> > Client 1 Router LAN 10.1.1.1/24          Client 2 Router LAN 
> 10.1.2.1/24 
> >     |                                       | 
> >     |                                       | 
> >     |                                       | 
> >     |                                       | 
> > Client 1 LAN (default gw 10.1.1.1)       Client 2 LAN (default gw 
> > 10.1.2.1) 
> > 
> > If dynamic routing was supported, you wouldn't have to manually enter 
> > the routes.  You will need firewalling on the client routers to 
> prevent 
> > inter-client communication. 
> > 
> > Correct me if I'm wrong.  I'm sure I'll regret that :) 
> > 
> > -Bryan 
> 
> 
> ________________________________ 
> 
> avast! Antivirus <http://www.avast.com> : Outbound message clean. 
> 
> Virus Database (VPS): 0434-1, 08/17/2004 
> Tested on: 8/20/2004 7:01:22 AM 
> 
> 
> avast! - copyright (c) 2000-2004 ALWIL Software. 
> 
>