dick hoogendijk <[EMAIL PROTECTED]> wrote: > On 18 Apr Fabian Keil wrote: > > dick hoogendijk <[EMAIL PROTECTED]> wrote: > > > After adding the WiFi card this whould be: > > > defaultrouter="18.104.22.168" > > > hostname="lothlorien.nagual.st" > > > ifconfig_rl0="inet 22.214.171.124 netmask 255.255.254.0" > > > ifconfig_rl1="inet 192.168.11.1 netmask 255.255.255.0" > > > ifconfig_ath0="ssid airport01 media autoselect mode 11g mediaopt \ > > > hostap wepmode on wepkey `cat /etc/wepkey` channel 1 up" > > > cloned_interfaces="bridge0" > > > ifconfig_bridge0="addm ath0 addm rl1 up" > > > > You didn't specify the default wepkey, but the syntax looks > > OK to me. > > > BTW don't bridge your wireless and wired networks if you don't have > > to. If your only goal is to get internet access for your wireless > > clients, it's probably safer to just add another NAT zone. > > Sounds like wise advice, but how do I go about this? "Just add another > NAT", sound simple enough, but how do I do that?
You wrote you had NAT and PF already running. There is no difference between adding a second NAT zone and creating the first one. > I guess safer means there will be no access to my wired network (LAN) > if I add another NAT zone? Help would be much appreciated ;-) If you don't route between your wireless and wired networks and just let both of them communicate with the internet, there will be no access between them. > One other thing: if I (still) decide (in the future) to clone, would I > clone the internal Ethernet card or the one attached to my ISP? As your ISP probably wouldn't accept your local IPs, you would have to bridge between your two local NICs, otherwise you would circumvent your NAT setup. Fabian -- http://www.fabiankeil.de/
Description: PGP signature