dick hoogendijk <[EMAIL PROTECTED]> wrote:

> On 18 Apr Fabian Keil wrote:
> > dick hoogendijk <[EMAIL PROTECTED]> wrote:
> > > After adding the WiFi card this whould be:
> > > defaultrouter=""
> > > hostname="lothlorien.nagual.st"
> > > ifconfig_rl0="inet netmask"
> > > ifconfig_rl1="inet netmask"
> > > ifconfig_ath0="ssid airport01 media autoselect mode 11g mediaopt \
> > >   hostap wepmode on wepkey `cat /etc/wepkey` channel 1 up"
> > > cloned_interfaces="bridge0"
> > > ifconfig_bridge0="addm ath0 addm rl1 up"
> > 
> > You didn't specify the default wepkey, but the syntax looks
> > OK to me.
> > BTW don't bridge your wireless and wired networks if you don't have
> > to. If your only goal is to get internet access for your wireless
> > clients, it's probably safer to just add another NAT zone.
> Sounds like wise advice, but how do I go about this? "Just add another
> NAT", sound simple enough, but how do I do that?

You wrote you had NAT and PF already running. There is no difference
between adding a second NAT zone and creating the first one.

> I guess safer means there will be no access to my wired network (LAN)
> if I add another NAT zone? Help would be much appreciated ;-)

If you don't route between your wireless and wired networks
and just let both of them communicate with the internet,
there will be no access between them.
> One other thing: if I (still) decide (in the future) to clone, would I
> clone the internal Ethernet card or the one attached to my ISP?

As your ISP probably wouldn't accept your local IPs, you would
have to bridge between your two local NICs, otherwise you would
circumvent your NAT setup.


Attachment: signature.asc
Description: PGP signature

Reply via email to