Hi all,
I have m0n0wall 1.33 on a 4-port Soekris 6501-50 and two Netgear GS100T switches connected as shown below:
switch A <-port8(trunk)------ eth0-> m0n0wall <-eth1------port8(trunk)-> switch B
I have 5 VLANs defined:
31 - subnet 172.16.231.0/26
32 - subnet 172.16.232.0/26
33 - subnet 172.16.233.0/26
34 - subnet 172.16.234.0/26
35 - subnet 172.16.235.0/26
The trunk port on switch A has VLANs 31,33,34,35
The trunk port on switch B has VLANs 33,34,35
The m0n0wall has the following VLAN and interface assignment:
LAN = VLAN 35 on eth0
WAN = internet gateway (not important for the question)
OPT1 = VLAN 35 on eth1
The firewall rules allow any out of each respective VLAN/subnet.
If I remove the m0n0wall and connect the trunk ports of the switches directly, I can reach all devices on either switch over VLAN 35 (ping from a device on switch A port 1 to a device on switch B port 4).
With the m0n0wall in place I can only communicate between devices on each switch (a device on switch A port 1 to the m0n0wall on switch A port 8 over VLAN 35 works fine, but not to any device on VLAN 35 on switch B).
Two questions:
1. Is my configuration correct to allow VLAN 35 from switch A through the m0n0wall to switch B?
2. I've used IP address 172.16.235.1 on VLAN35 LAN eth0 for the m0n0wall. What do I use on VLAN35 OPT1 eth1? (I've tried 172.16.235.1, as it is the same VLAN and the same m0n0wall on that VLAN, but also 172.16.235.2 to see if it makes a difference, which it doesn't.)
Hope you can help me out.
Cobalt