On Fri, Jul 24, 2009 at 1:19 PM, Joseph L. Casale<[email protected]> wrote: > The deployment I was planning earlier that referenced the 1u case > reco from everybody just got accelerated, the PIX that I was replacing > died:) > > I have a single wan(dhcp)(em0) and lan(192.168.0.1)(em1) interface, both > working > as expected. On the switch that the lan(192.168.0.1)(em1) interface is on, > there > is a tagged VLAN(3) I need access to, so I may forward external ports from the > wan to it, and write rules to allow certain ports access between the lan and > vlan(3). > > I set up a vlan(3) on my lan int(em1) in the assign menu, the switch is set to > untag traffic into the default lan, and allow tagged traffic into vlan(3). > > With my opt1 interface on a new subnet that matches vlan(3), how do I > configure it > now? > > I am kinda pressed as I have scads of people lined up wondering when > connectivity > will be restored and I hadn't finished figuring out how I was going to > migrate off > the pix, presently I had only been reading about the vpn config as I assumed > that > would be the most challenging:) > > Any help would be appreciated! > jlc > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > >
Here's what I do using the same setup as you have: I assign the WAN(em0) and the LAN(em1), to configure the conectivity to the internet, I connect to the web interface, create some basic rules(so I can access my adsl modem), then I go to the assign option, then to the VLAN tab and I add it assigning it to the em1 interface, I reboot the box, connect to the webinterface again then I go to the assign option and add a new interface using the VLAN I just created, then I go to the newly interface, I rename it(DMZ) and add the IP address and the subnet, remember to save changes in every step you make of the setup, create the pertinent rules(very important) then to test it I just go to the DHCP service and I use a short range so I can connect to the newly subnet using my laptop. hope it helps. -- Usuario Linux Registrado #452368 Usuario Ubuntu Registrado #28025 "Doing a thing well is often a waste of time." ---------------------------------------------------------------------------------------------------------------------------------- //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
