Topic: Configuring m0n0wall LAN and WAN on same subnet  (Read 2028 times)
« on: October 11, 2013, 08:27:38 »
Airbag888 *
Posts: 2

Hi,
I'm new to m0n0wall and I'm trying to configure as per topic with the LAN and WAN on same subnet. After looking around a bit I seem to see it's not possible but I just wanted a confirmation.
My setup is as follows

[ISP1] - public dyn IP - [adsl modem + router] - 192.168.1.0/24 - [switch] - network1 + server1(192.168.1.4 on eth0)
[ISP2] - public fix IP - [PPPOE router] - 192.168.1.0/24 - [switch] - network2 + server1(192.168.1.6 on eth1)

So 1 server is connected on both sides. network1 is where most computers are and connect to the server on 192.168.0.4, network2 is where the server connects to the internet and where computers outside the office connect to that server via a vpn on the PPPOE router. It is mostly not relevant for what I want to do.


I'd like to slip in a m0n0wall device (running on Esxi) between the adsl modem and the switch so as to

1. be able to control the internet bandwidth use (prioritise emails, block some p2p and heavily throttle personal mobile devices) in a transparent way (I'm thinking traffic shaper + some firewall rules)
2. In the event I get a m0n0wall issue just plug the network switch back in the adsl modem until I get around fixing m0n0

To me this implies something like

[ISP1] - public dyn IP - [adsl modem + router] - 192.168.1.0/24 - [switch] - 192.168.1.99 -[m0n0wall] - 192.168.1.0/24 - network1 + server1(192.168.1.4 on eth0)

However as I said, subnet would be the same on the wan and lan interfaces of m0n0wall.
My constraints are: I cannot change the subnet on the lan side and at worst I could change the subnet on the wan side, but then if I get an issue with m0n0 when I'm not around I cannot just ask someone to unplug the cable from the m0n0 server and plug it in the router straight away because the router will be on another subnet.

Right now when I have both subnets be identical I cannot access anything on the wan side (btw I have unchecked the option to Block Private networks in the wan config). When I have them on different subnets I can ping devices on the wan side but it seems dns is failing so that probably will be the next thing for me to fix.

Thanks for reading through
« Reply #1 on: October 11, 2013, 15:25:33 »
Fred Grayson *****
Posts: 994

You can not have two (or more) interfaces on a router that define the same network. It is an ambiguous configuration and will not work.

--
Google is your friend and Bob's your uncle.
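
The ambiguity described in Reply #1, shown as an added example that is not part of the original thread: a pre-deployment check that flags router interfaces whose connected networks overlap and lists which interfaces tie as the best route to a destination. The WAN address 192.168.1.99 and the host 192.168.1.4 come from the first post; the LAN address 192.168.1.1 and the alternative WAN subnet 192.168.0.0/24 are constructed for illustration.

```python
import ipaddress


def overlapping_interfaces(interfaces):
    """Return sorted (name, name) pairs whose connected networks overlap."""
    nets = {n: ipaddress.ip_interface(c).network for n, c in interfaces.items()}
    names = sorted(nets)
    return [(a, b)
            for i, a in enumerate(names)
            for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


def egress_candidates(interfaces, dst):
    """Interfaces whose connected route is the longest-prefix match for dst.

    More than one name in the result means the routing decision is ambiguous.
    """
    dst = ipaddress.ip_address(dst)
    matches = []
    for name, cidr in interfaces.items():
        net = ipaddress.ip_interface(cidr).network
        if dst in net:
            matches.append((net.prefixlen, name))
    if not matches:
        return []
    best = max(plen for plen, _ in matches)
    return sorted(name for plen, name in matches if plen == best)


# Layout from the first post: WAN and LAN both inside 192.168.1.0/24.
# The LAN address is constructed; the post only gives the WAN side.
SAME_SUBNET = {"WAN": "192.168.1.99/24", "LAN": "192.168.1.1/24"}

# Constructed alternative: WAN moved to a different subnet.
SPLIT_SUBNETS = {"WAN": "192.168.0.99/24", "LAN": "192.168.1.1/24"}

if __name__ == "__main__":
    for label, cfg in (("same subnet", SAME_SUBNET), ("split", SPLIT_SUBNETS)):
        print(label, "overlaps:", overlapping_interfaces(cfg))
        print(label, "route to 192.168.1.4 via:",
              egress_candidates(cfg, "192.168.1.4"))
```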
« Reply #2 on: October 11, 2013, 16:59:57 »
Airbag888 *
Posts: 2

Thank you for the response. Much appreciated.

I've been thinking what I'll do is have a 2nd adsl modem configured with the lan side on 192.168.0.0/24 and in case of an issue I'll swap it in.

I have another question concerning my setup; should I make another thread? I'm wondering if I could have 2 WANs, each with a different DNS (2 DNS each), with 1 WAN port forwarding straight to the 192.168.1.6 interface of Server1.
 