|
Title: Multiple Green Subnets? Preferably segregated. Post by: trymes on Wednesday 11 August 2010, 03:30:35 am Is it possible to create multiple Green subnets on one endian unit, preferably such that devices connected on Subnet A cannot send or receive traffic from Subnet B, without going out over the Red interface first. Each subnet would need its own DHCP server, etc. This would be used for, say, a situation where two groups shared the same internet connection, but not the same internal network.
I have installed a total of 3 network devices on the Endian unit, and they are all recognized, but I can't seem to see how I would segregate them from each other. I see where I could add an IP alias to one interface, but that would not provide DHCP for that interface, nor segregate it. I presume that VLANs will be involved to some extent. My apologies if I have missed any obvious references to this in the documentation. Tom Title: Re: Multiple Green Subnets? Preferably segregated. Post by: mrkroket on Wednesday 11 August 2010, 06:48:20 am Use GREEN, BLUE and ORANGE to have three fully separated LAN's, with three different DHCP's
Adjust the interzone firewall and you have 3 different LAN areas. Title: Re: Multiple Green Subnets? Preferably segregated. Post by: trymes on Wednesday 11 August 2010, 07:16:00 am Aha! So just set the second wired NIC to ORANGE (which is nominally Wireless, no?) and I will have two subnets, Orange will be wireless in name only.
Then, I can choose what traffic flows where using the inter-zone firewall. Seems too easy! Thanks for the quick reply. Tom Title: Re: Multiple Green Subnets? Preferably segregated. Post by: mrkroket on Thursday 12 August 2010, 01:39:36 am BLUE is the recommended Wireless zone, ORANGE is recommended for DMZ.
But in fact they are just like GREEN, you can use it to whatever you need. If you don't have enough NIC's you can also use VLANs for that. If you need more than 3 separated LAN's I think there is no way yet to do it. You can create alias on each zone, and have n subnets, but I think they aren't really segregated, which is a pity. Title: Re: Multiple Green Subnets? Preferably segregated. Post by: trymes on Tuesday 17 August 2010, 11:05:40 pm OK. Why would you use Orange instead of Blue? Is Blue not designed to be segregated? Wouldn't Orange be a DMZ that is open to incoming Internet traffic, or is it just a segregated network, and all incoming is blocked by default?
Tom Title: Re: Multiple Green Subnets? Preferably segregated. Post by: mrkroket on Wednesday 18 August 2010, 08:19:58 am Just because default rules for Interzone traffic assumes those roles, just that.
All zones except RED are similar. Title: Re: Multiple Green Subnets? Preferably segregated. Post by: trymes on Friday 20 August 2010, 06:20:51 am OK, so in other words, it shouldn't matter if I use Orange, Blue, or both for separate IP subnets, wired, wireless, or both.
Right? Tom Title: Re: Multiple Green Subnets? Preferably segregated. Post by: mrkroket on Thursday 02 September 2010, 04:25:13 am Yes, only configure the firewall as you really need (Both outgoing and Inter-Zone)
Title: Re: Multiple Green Subnets? Preferably segregated. Post by: laythingy59 on Thursday 29 March 2012, 04:40:12 am I know this is an old post but it refers to what i want to do.
I would like 2 green interfaces. I want to team the two together to load balance. I need to route Data traffic down one green interface and voip traffic down the other. Is this possible Thanks Adam Title: Re: Multiple Green Subnets? Preferably segregated. Post by: laythingy59 on Thursday 29 March 2012, 07:31:41 pm Found this in old documentation
http://docs.endian.com/archive/2.1/efw.system.network_configuration.html You can assign multiple interfaces per zone. Multiple interfaces can be added by pressing Ctrl and clicking on the desired interfaces. The interfaces will then internally bridged together, so they have the same functionality like a switch. |