mudmanc4 Posted August 23, 2009

I had to set up a couple of vlans on my LAN in a Linksys WRT54G. I have two webservers that I needed to isolate from the rest; there's two static IPs, as well as DHCP enabled on vlan2, and have dyndns addys for obvious reasons. They're working as they should. They're all local machines, so before setting the isolated vlans I was able to use real vnc to administer them; they can be reached remotely and all is good. However, I still need to admin them, but the way the code is written, I can't access them locally via the vnc client, but they can be reached on the same vnc client from a remote machine. But this is the way I wanted it; other than allowing local access across vlans, I didn't take that into consideration. My question is, do I need to configure trunking between the Linksys/Cisco router and the Cisco 2924 XL-EN and the 2924 XL, connecting via rollover, or what is the config that I need to allow a management vlan between them? I should say this config was accomplished by telnetting into the router via PuTTY.
Here's my config ~

    # Switch ports per VLAN: ports 1-3 on vlan0, port 4 on vlan2 (port 5 is listed in both)
    nvram set vlan0ports="1 2 3 5*"
    nvram set vlan2ports="4 5*"
    # Startup script: give vlan2 its own subnet and bring it up
    nvram set rc_startup='
    #!/bin/ash
    PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
    ifconfig vlan2 192.168.2.1 netmask 255.255.255.0
    ifconfig vlan2 up
    '
    # Firewall script: vlan2 may open new connections outward; br0 (LAN) to vlan2 is logged and dropped
    nvram set rc_firewall='
    iptables -I INPUT -i vlan2 -j ACCEPT
    iptables -I FORWARD -i vlan2 -o vlan1 -m state --state NEW -j ACCEPT
    iptables -I FORWARD -i vlan2 -o ppp0 -m state --state NEW -j ACCEPT
    iptables -I FORWARD -i br0 -o vlan2 -j logdrop
    '
    nvram commit

and here's my dnsmasq config for the webservers ~

    interface=vlan2
    dhcp-range=192.168.2.100,192.168.2.149,255.255.255.0,1440m

Here's the layout of my network ~

    WRT54G ----------- Vlan 2 port 4 ------------------> server 1 & 2
       |
       |
    cisco 2924 XL (dummy) port 1 ------------- ftp server 1 / ftp server 2 / other local machines
       |
       |
    Cisco 2924 XL-EN (dummy for now then it will be the main switch later)
       |
       |
    admin station | NAS/ NAS / hp 380 G3 & iLo port

There's a lot more, but it's irrelevant for my question. I'm sure it's simple, but my studies haven't gotten that far. I know it's in this line right here, I just don't know the language:

    iptables -I FORWARD -i br0 -o vlan2 -j logdrop
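A small model of the FORWARD rules in the post above, added here as an example and not part of the original post: it shows the evaluation order that `iptables -I` produces and which flows reach the `logdrop` rule. The admin-station address, the other sample addresses and the extra management rule (`MGMT`) are assumptions; the firmware's own FORWARD rules are not on the page and are not modelled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    in_if: str
    out_if: str
    target: str
    new_only: bool = False   # -m state --state NEW
    src: str = None          # -s ADDRESS
    dport: int = None        # -p tcp --dport PORT

    def matches(self, p: dict) -> bool:
        return (p["in"] == self.in_if and p["out"] == self.out_if
                and (not self.new_only or p["state"] == "NEW")
                and self.src in (None, p["src"])
                and self.dport in (None, p["dport"]))

def build_chain(script):
    """Apply `iptables -I FORWARD` line by line: each insert lands at position 1,
    so the last line of rc_firewall becomes the first rule evaluated."""
    chain = []
    for rule in script:
        chain.insert(0, rule)
    return chain

def verdict(chain, p):
    """First matching rule wins; no match means the packet continues to the
    firmware's own FORWARD rules (not modelled here)."""
    return next((r.target for r in chain if r.matches(p)), "fall-through")

def pkt(in_if, out_if, src, dport, state="NEW"):
    return {"in": in_if, "out": out_if, "src": src, "dport": dport, "state": state}

# FORWARD lines of rc_firewall, in the order they appear in the post.
POSTED = [Rule("vlan2", "vlan1", "ACCEPT", new_only=True),
          Rule("vlan2", "ppp0", "ACCEPT", new_only=True),
          Rule("br0", "vlan2", "logdrop")]
ADMIN = "192.168.1.50"  # constructed address for the admin station
# Hypothetical line appended after the logdrop line. It carries no state match:
# with --state NEW only the first packet would pass, and the rest of the VNC
# session (ESTABLISHED) would still reach logdrop.
MGMT = Rule("br0", "vlan2", "ACCEPT", src=ADMIN, dport=5900)  # 5900 = VNC default port

if __name__ == "__main__":
    probes = [pkt("br0", "vlan2", ADMIN, 5900), pkt("br0", "vlan2", ADMIN, 5900, "ESTABLISHED"),
              pkt("br0", "vlan2", "192.168.1.77", 5900), pkt("ppp0", "vlan2", "203.0.113.9", 5900)]
    for name, script in (("posted", POSTED), ("posted + mgmt", POSTED + [MGMT])):
        for p in probes:
            print(name, p["in"], p["src"], p["state"], "->", verdict(build_chain(script), p))
```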
mudmanc4 Posted August 25, 2009

Where's swimmer when ya need him
tommie gorman Posted August 25, 2009

> Where's swimmer when ya need him

Was gonna say long time no see, but I guess it's not been that long. Last Active: May 15, 2009, 11:34:24 PM
mudmanc4 Posted August 25, 2009

> Was gonna say long time no see, but I guess it's not been that long. Last Active: May 15, 2009, 11:34:24 PM

Maybe I'll catch him next May. Guess I'll have to keep my nose to the endless pages of configuration code. Ah well, good thing I enjoy it.