News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  General Questions
linktree Topic: Isolated LAN within corporate LAN
Pages: [1]
Topic: Isolated LAN within corporate LAN  (Read 1484 times)
« on: September 22, 2008, 16:04:00 »
k101 *
Posts: 2
I'm not sure what I'm trying to is possible, I've been trying for several days now and am confused.

Our corpoarate LAN is 192.168.1.0/24 and I want to set up a test enviroment with 192.168.0.0/24 ip range behind the monowall.

I have the LAN side of the MOnowall set up to use 192.168.0.0/24 and gave the WAN an IP address(192.168.1.20) on the corpoarate LAN, and used the gateway of the corporate LAN (192.168.1.1) for the Gateway. I want to be able to access the internet from the private LAN, but not the other servers on the Corporate LAN. If i set up rules to block the corporate LAN then I can't connect to the internet, remove those rules and I can Ping the servers on the corporate LAN.

Thanks in advance for any light someone might be able to shed on this for me.
« Reply #1 on: September 22, 2008, 16:51:29 »
markb ****
Posts: 331
A couple of ways of doing this.  If you don't need to access anything on the corporate LAN and are using NAT (Enabled by Default) on the Mono simply add an Any to any Not LAN rule.  If you want to be more selective. put your allow rules with specific ports before your block rule, as the rules are processed in order.
« Reply #2 on: September 25, 2008, 20:14:28 »
k101 *
Posts: 2
thanks, that did the trick.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines