VLANs is this right?
Peter Boosten
peter at boosten.org
Mon Jul 5 17:33:31 UTC 2010
On 5 jul 2010, at 19:30, Modulok wrote:
> It was a simplified diagram of what I thought I needed. ( Which may or
> may not be what I actually need! )
>
> Basically, I want a port on the switch that I can plug un-trusted
> devices into. Systems wich are known to be just crawling with
> malicious software. I need to provide them with an Internet
> connection, but otherwise want them separated from everybody else.
> Think DMZ isolation, but they're not providing any 'external'
> services. I was wondering if this could be done with tagging and
> address aliases, instead of buying a third network card for the BSD
> machine.
>
> If that makes any sense.
Please don't top-post.
Your way indeed is the way to go. I have a similar setup, where I don't my 19-year olds' PC roam my network. I've created two different VLANs on my switch (Nortel), and a trunk to my M0n0wall (=FreeBSD) firewall which separates the two.
Peter
--
Peter Boosten
http://www.boosten.org
More information about the freebsd-questions
mailing list