Date: Mon, 5 Jul 2010 19:33:16 +0200 From: Peter Boosten <peter@boosten.org> To: Modulok <modulok@gmail.com> Cc: David Kelly <dkelly@hiwaay.net>, freebsd-questions@freebsd.org Subject: Re: VLANs is this right? Message-ID: <60F62E69-FAF0-4A71-A673-17051D1280E2@boosten.org> In-Reply-To: <AANLkTim0kbRIA5ZaCYCLaijIvTmGyugiy36vHgU10sAX@mail.gmail.com> References: <AANLkTilW7eTmmdUtRlXpRX3CT_vuOkE2M0eDB_qiiauW@mail.gmail.com> <20100705165746.GB10990@Grumpy.DynDNS.org> <AANLkTim0kbRIA5ZaCYCLaijIvTmGyugiy36vHgU10sAX@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5 jul 2010, at 19:30, Modulok wrote: > It was a simplified diagram of what I thought I needed. ( Which may or > may not be what I actually need! ) >=20 > Basically, I want a port on the switch that I can plug un-trusted > devices into. Systems wich are known to be just crawling with > malicious software. I need to provide them with an Internet > connection, but otherwise want them separated from everybody else. > Think DMZ isolation, but they're not providing any 'external' > services. I was wondering if this could be done with tagging and > address aliases, instead of buying a third network card for the BSD > machine. >=20 > If that makes any sense. Please don't top-post. Your way indeed is the way to go. I have a similar setup, where I don't = my 19-year olds' PC roam my network. I've created two different VLANs = on my switch (Nortel), and a trunk to my M0n0wall (=3DFreeBSD) firewall = which separates the two. Peter --=20 Peter Boosten http://www.boosten.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60F62E69-FAF0-4A71-A673-17051D1280E2>