First off, thanks to everyone who helped me get my setup running so far: the erroneous subnet and the embedded image on the HP server.
So now that the server is running minimally configured, I have a built-in bge0 interface and a quad-port Intel NIC. I have the WAN set up on bge0 (no VLANs) and hope to actually use the device to route between VLANs securely based on rules at gig speeds as well (our PIX used to do this at _low_ speeds).

Based on previous input, I understand that I should set up the physical switch ports for all 4 internal interfaces as tagged into each VLAN I require. So after creating VLANs on each parent interface, I then intend to create Opt interface assignments for each of those VLANs.

Most important to us will be the VPN filtering: most users will need very few port/host provisions, whereas admin users might need whole subnets unfiltered. After reading the end of http://doc.pfsense.org/index.php/VPN_Capability_OpenVPN#Filtering_OpenVPN_Traffic I am still unsure how this works.

Previously, with my PIX, I created various VPN groups (RDPgroup, AdminGroup, etc.) and gave them each unique subnets, then simply wrote rules from the WAN interface with those source subnets to the internal interface with the LAN subnets, governing what traffic was permitted. So a user with connection credentials to RDPGroup would get on a subnet that only passed TCP 3389 to certain hosts on the LAN.

Can I still replicate this with my intended setup?

Thanks!
jlc
