I have a private network connected to a router as a NAT to the internet. I am looking at using Monowall to attach a WiFi Access Point or Router to run a public hotspot using the Captive Portal Pages. I want the private network protected and for it to be able to access Monowall's Web Console. My preference is to have Monowall connect to the private network and use it as a WAN for the public hot spot and only allow traffic from the hot spot to use the internet gateway on the private network. This way the Hotspot is independant form the primary network and can be shutdown without afftecting the private network or internet access from it. The only way I have found this to work securely was to use 3 NIC's and have Monowall between the NAT and the private network. Is it possible to use only 2 NIC's and have the private network and internet gateway on the same side of the Monwall Firewall and only allow access to the internet gateway from the other public network and ensure access to the other devices on the private LAN are protected.
Your comments will be greatly appreciated.
|