General Questions

I have to setup 5 virtual interfaces for 5 vlans on one NIC. How would I go about doing this.

Sorry for hijacking this thread, but i guess its better than creating a new thread for this. I have the same requirement. Can somebody please help with this.

I’ll give you a rough idea on how to set them up, I’ll try to document the full process this weekend when I get home and have access to my test box.  I don’t have good access to a m0n0 at the moment.

I’m going to assume that you have a standard dual nic machine currently set up with a wan and lan configured.  Also note that you have to completely build at least one of your virtual interfaces before you reboot - none of the interface changes take affect until a reboot.  I would also advise to have your switch ready to go with a trunk and appropriate access ports.

Click on “(assign)” behind the interfaces option.  Click on the “VLANs” tab.  Here it’s pretty self explanatory, set a vlan tag, description and assign it to the appropriate physical interface – most likey whatever interface is your LAN.

After they are created there, they should show up under the interfaces menu on the left.  Click the interface name and set up the IP scheme for the interface and enable the interface, and also set up a DHCP scope under “Services” “DHCP Server” if needed.

I’m not sure, but I seem to remember deleting the original interface config for the physical LAN port at this time as well and then rebooting the m0n0.  While the m0n0 is rebooting, plug in the switch trunk port to the m0n0 and plug yourself into the appropriate access port.  With a little luck everything will work now.

I’ll try to fully document this process this weekend when I get home and have my test Soekris box up and going.  There appears to also be a way to set up VLANs on the initial power on/setup, but I have never done it at that time – another thing I would like to test and document.

And as always, please don’t do this on a live production network, I’m not sure if these instructions are complete..

Thanks gus for answering... I join the forum because i encounter the same problem...

Here's a draft step by step guide on setting up VLANs via the GUI.  Please review it and provide me with any feedback.

I plan on documenting the VLAN setup process from the console at install time and maybe a quick guide to the minimum config for a Cisco switch.

Thanks for a useful guide! 

Out of interest, is it possible to build a Monowall with only one physical network interface?  e.g. WAN on VLAN 10, LAN on VLAN 20, both on the same eth0 port?


Cheers,

- Martin

Yes, I believe if you use VLANs you can have only 1 physical NIC in m0n0wall.

Attached is sample output for setting up a m0n0 with a single interface using vlans.  It's output from the console, not the GUI this time.  Always interested in feedback if it helps anyone

Thanks Gus - that looks straightforward.

I will give that a go next time I do some maintenance, as using VLANs would allow me to go down from 3 switches to just 1 - which is a useful saving in electricity.

Cheers,

- Martin

I am new to vlaning is there some special switch I need to plug the monowall lan interface into?

I've been reading about how you seperate the ports of the switch into various groups.  This is to be done via some switch interface?  

Can you shed some light on this part of it Gus?

Thanks.

Yeah, I suppose you could call it a special switch.  What you need is a switch that can speak 802.1Q..  Pretty much any good managed switch should be able to do this.  Brands I have worked with are Cisco, HP, Dell and Foundary.

Basically when you start doing vlan's on the m0n0 device, that port becomes an 802.1Q trunk port that will carry all the vlans.  Each packet gets wrapped with a vlan tag which is read by another trunk port on the switch and then each packet is passed on to each virtual switch which is defined by ports assigned to those vlans and physical ports on the switch.

Hopefully I am explaining this well, if not, let me know and I can try again!  I can probably do some step by step instructions for Cisco command line.  Pretty much every other switch I have done vlans on has a web gui as the only access and the terminology can vary.