Posted: Sun Feb 05, 2012 18:26 Post subject: Pls Help, segmenting/vlan by port on e3000 (14929)
Hi guys, pls any help with this would be greatly appreciated.
I have a business FIOS connection with 10 public static IPs. Currently I have a single LAN, 192.168.1.x. My firewall IP is using one of my public statics and my virtual machines are using the rest. Currently my virtual machines are on the same 192.168.1.x LAN. However, I want to set up LAN port 4 on my e3000 running 1429 so it is on a network like 10.1.10.x. What do I need to do on my e3000 to tag the e3000 LAN port 4 so any traffic going through it is on a 10.1.10.x network, and what do I need to do in my virtual machines or ESX? Also, I still want the LAN IPs on the 10.1.10.x network to route to my public IPs. Also, I would like to be able to hit the 10.1.10.x network while on the 192.168.1.x network only from my laptop (via IP filtering, MAC filtering or VPN if need be).
Also I would like to create a wireless LAN that is part of this new 10.1.10.x network as well.
Make sense? Please guys, I have a feeling this can be done since currently I have a startup script mapping my public IPs to vlan2 (the WAN port, I assume) and NAT translations to the private LAN IPs. I am sure I can do this to segment my LAN by port.
Thanks, but I followed the guide and selected port 4 as my vlan 3 (since vlan 2 is used by the WAN) and set the vlan3 port as 192.168.2.1 and set the dhcpd, but anything plugged into port 4 still gets a 192.168.1.x address, so it's like it is not working.
Actually, ports are reversed on the router when compared to the vlan page. Thanks so much man, you rock, that worked beautifully.
I wonder, can I blow away all routing between my 192.168.1.x and 192.168.2.x networks but allow certain MAC addresses to route (so only certain machines can hit the network)? Or better yet, can I have one-way routing where I can hit the 1.x network from the 2.x network but not the other way around? If that makes sense? I am assuming I can write an iptables script but I don't know what it would look like. Thanks!
Any help? Right now it looks like I can route from my 192.168.1.1 network to the 192.168.2.1 network but not the other way around. I know how to block routing from .1 to .2 but how can I allow routing from .2 to .1? I don't know if this is a firewall or routing issue.
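Added example, not part of the original thread: a small shell function that prints the iptables FORWARD rules for the one-way routing asked about above, where one segment may open connections to the other and the reverse direction gets replies only, with an optional MAC allow-list. The interface names `br0` (192.168.1.x) and `vlan3` (192.168.2.x) and the MAC address are assumptions; check the real names with `ifconfig` on the router.

```shell
#!/bin/sh
# Added example: prints iptables rules, it does not apply them.
# Assumed interface names: br0 = 192.168.1.x LAN, vlan3 = 192.168.2.x port VLAN.

# oneway_rules FROM_IF TO_IF [ALLOWED_MAC ...]
# Hosts behind FROM_IF may open connections to hosts behind TO_IF.
# Hosts behind TO_IF may only send replies, except the listed MAC
# addresses (machines attached on the TO_IF side), which may also initiate.
oneway_rules() {
    from_if=$1; to_if=$2; shift 2

    # Validate every MAC before printing anything, so output is all-or-nothing.
    for mac in "$@"; do
        if ! echo "$mac" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'; then
            echo "invalid MAC address: $mac" >&2
            return 1
        fi
    done

    # Explicit rule positions keep the order fixed ahead of the router's own rules.
    pos=1
    emit() { echo "iptables -I FORWARD $pos $*"; pos=$((pos + 1)); }

    emit "-i $from_if -o $to_if -j ACCEPT"
    # Stateful match: return traffic for connections FROM_IF already opened.
    emit "-i $to_if -o $from_if -m state --state RELATED,ESTABLISHED -j ACCEPT"
    for mac in "$@"; do
        emit "-i $to_if -o $from_if -m mac --mac-source $mac -j ACCEPT"
    done
    # Everything else initiated from the TO_IF side is dropped.
    emit "-i $to_if -o $from_if -j DROP"
}

# 2.x (vlan3) may reach 1.x (br0); 1.x may not initiate toward 2.x,
# except one laptop on br0 (constructed, locally administered MAC).
oneway_rules vlan3 br0 02:00:00:00:00:01
```

The printed lines can be reviewed and then saved as the router's firewall script. Without the RELATED,ESTABLISHED rule, the DROP would also discard replies, which makes a firewall block look like a routing failure in one direction.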