VLANs is this right?

Peter Boosten peter at boosten.org
Mon Jul 5 17:33:31 UTC 2010

On 5 jul 2010, at 19:30, Modulok wrote:

> It was a simplified diagram of what I thought I needed. ( Which may or
> may not be what I actually need! )
> Basically, I want a port on the switch that I can plug un-trusted
> devices into. Systems wich are known to be just crawling with
> malicious software. I need to provide them with an Internet
> connection, but otherwise want them separated from everybody else.
> Think DMZ isolation, but they're not providing any 'external'
> services. I was wondering if this could be done with tagging and
> address aliases, instead of buying a third network card for the BSD
> machine.
> If that makes any sense.

Please don't top-post.
Your way indeed is the way to go. I have a similar setup, where I don't my 19-year olds' PC  roam my network. I've created two different VLANs on my switch (Nortel), and a trunk to my M0n0wall (=FreeBSD) firewall which separates the two.


Peter Boosten

More information about the freebsd-questions mailing list