On 5 jul 2010, at 19:30, Modulok wrote: > It was a simplified diagram of what I thought I needed. ( Which may or > may not be what I actually need! ) > > Basically, I want a port on the switch that I can plug un-trusted > devices into. Systems wich are known to be just crawling with > malicious software. I need to provide them with an Internet > connection, but otherwise want them separated from everybody else. > Think DMZ isolation, but they're not providing any 'external' > services. I was wondering if this could be done with tagging and > address aliases, instead of buying a third network card for the BSD > machine. > > If that makes any sense.
Please don't top-post. Your way indeed is the way to go. I have a similar setup, where I don't my 19-year olds' PC roam my network. I've created two different VLANs on my switch (Nortel), and a trunk to my M0n0wall (=FreeBSD) firewall which separates the two. Peter -- Peter Boosten http://www.boosten.org _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"