3 replies to this topic

[mudmanc4]

I had to set up a couple vlans on my LAN in a linksys WRT54G , I have two webservers that I needed to isolate from the rest , there's two static IP's, as well as DHCP enabled on vlan2, and have dyndns addys for obvious reasons. There working as they should. There all local machines so before setting the isolated vlans I was able to use real vnc to administer them, they can be reached remotely and all is good. However, I still need to admin them, but the way the code is written, I can't access them locally via the vnc client, but they can be reached on the same vnc client from a remote machine. But this is the way I wanted it, other then allowing local access across vlans, I didn't take that inconsideration.

My question is do i need to configure trunking betweeen the linksys /cisco router, and the cisco 2924 XL-EN and the 2924 XL, connecting via rollover, or what is the config that I need to allow a management vlan between them.
I should say this config was accomplished by telnetting into the router via putty.
Here's my config~

---

nvram set vlan0ports="1 2 3 5*"

nvram set vlan2ports="4 5*"

nvram set rc_startup='

#!/bin/ash

PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
ifconfig vlan2 192.168.2.1 netmask 255.255.255.0

ifconfig vlan2 up

'

nvram set rc_firewall='

iptables -I INPUT -i vlan2 -j ACCEPT
iptables -I FORWARD -i vlan2 -o vlan1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -i vlan2 -o ppp0 -m state --state NEW -j ACCEPT
iptables -I FORWARD -i br0 -o vlan2 -j logdrop

'

nvram commit

---

and here's my dns masq config for the webservers ~

interface=vlan2
dhcp-range=192.168.2.100,192.168.2.149,255.255.255.0,1440m

---

Here's the layout of my network ~

                  WTR54G-----------Vlan 2 port 4------------------> server 1 & 2
                  |     |
                  |     |
                  |     |
                  |     cisco 2924 XL (dummy) port 1 ------------- ftp server 1 / ftp server 2 / other local machines
                  |
                  |
        Cisco 2924 XL-EN (dummy for now then it will be the main switch later)
            |                 |
            |                 |
            |              admin station
            |
        NAS/ NAS / hp 380 G3 & iLo port

  There's alot more, but it's irrelevant for my question, I'm sure it's simple , but my studies havent' gotten that far.

  I know it's in this line right here, I just don't know the language  " iptables -I FORWARD -i br0 -o vlan2 -j logdrop "

[mudmanc4]

Where's swimmer when ya need him 

[tommie gorman]

Quote

Where's swimmer when ya need him 

Was gonna say long time no see, but I guess its not been that long.
Last Active:  May 15, 2009, 11:34:24 PM

[mudmanc4]

Quote

Was gonna say long time no see, but I guess its not been that long.
Last Active:  May 15, 2009, 11:34:24 PM

Maybe I'll catch him next May 

Guess I'll have to keep my nose to the endless pages of configuration code. Ah well, good thing I enjoy it.