I have added a 4th NIC to my setup, and want to set up wireless. I have started at the configuration Tom has for the last week, and my eyes are crossing. eth0 "net" goes to my internet connected firewall with a 192.168 address eth1 "loc" goes to my switch connected to local switch also 192.168.x eth2 "work" goes to my office with a 172. address eth3 Trying to follow Tom''s "My Shorewall Configuration" I gave the eth3 NIC 192.168.y.1 and a Cisco AP350 a 192.168.y.2 address. In trying to be "visitor friendly" (the intent is just add your MAC address) and let the visitor act like they''re at their local Starbucks and get a DHCP address. The Cisco hands out a 169. something address via DHCP. So, I''ll ask the question and duck.... Am I looking at solving routing, or do I have to do bridging ? Or, which section of the RTFM did I miss? My test laptop can browse the AP350, and this shorewall box can browse the AP350. I can also browse the AP350 from other local machines (windoze or linux). I am running shorewall 2.2.0. - Bill "a sufficiently talented fool"
Bill.Light@kp.org wrote:> I have added a 4th NIC to my setup, and want to set up wireless. I have > started at the configuration Tom has for the last week, and my eyes are > crossing. > > eth0 "net" goes to my internet connected firewall with a 192.168 address > eth1 "loc" goes to my switch connected to local switch also 192.168.x > eth2 "work" goes to my office with a 172. address > > eth3 Trying to follow Tom''s "My Shorewall Configuration" I gave the eth3 > NIC 192.168.y.1 and a Cisco AP350 a 192.168.y.2 address. In trying to be > "visitor friendly" (the intent is just add your MAC address) and let the > visitor act like they''re at their local Starbucks and get a DHCP address. > > The Cisco hands out a 169. something address via DHCP.I suspect a problem here. If the AP350 is an access point as the model number suggests then. a) It is probably not handing out IP addresses; that would require that it be a wireless router. b) The 169.254.0.0 addresses you see are being auto-configured by the wireless clients themselves (169.254.0.0/16 is reserved for IPV4 autoconfiguration).> > So, I''ll ask the question and duck.... Am I looking at solving routing, > or do I have to do bridging ? Or, which section of the RTFM did I miss?I think you should review the configuration of the AP350. I suspect that you should be running a DHCP server on your fireall (as I do) for assigning IP addresses to wireless clients. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote:> > I think you should review the configuration of the AP350. I suspect that > you should be running a DHCP server on your fireall (as I do) for > assigning IP addresses to wireless clients. >And keep in mind that an Access Point typically operates as a bridge. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
> I have added a 4th NIC to my setup, and want to set up wireless. I have> started at the configuration Tom has for the last week, and my eyes are > crossing. > > eth0 "net" goes to my internet connected firewall with a 192.168 address > eth1 "loc" goes to my switch connected to local switch also 192.168.x > eth2 "work" goes to my office with a 172. address > > eth3 Trying to follow Tom''s "My Shorewall Configuration" I gave theeth3> NIC 192.168.y.1 and a Cisco AP350 a 192.168.y.2 address. In trying tobe> "visitor friendly" (the intent is just add your MAC address) and let the> visitor act like they''re at their local Starbucks and get a DHCPaddress.> > The Cisco hands out a 169. something address via DHCP.I suspect a problem here. If the AP350 is an access point as the model number suggests then. a) It is probably not handing out IP addresses; that would require that it be a wireless router. b) The 169.254.0.0 addresses you see are being auto-configured by the wireless clients themselves (169.254.0.0/16 is reserved for IPV4 autoconfiguration).> > So, I''ll ask the question and duck.... Am I looking at solving routing,> or do I have to do bridging ? Or, which section of the RTFM did Imiss? I think you should review the configuration of the AP350. I suspect that you should be running a DHCP server on your fireall (as I do) for assigning IP addresses to wireless clients. -Tom ========================================== Wow - Tom, you''re fast...I hadn''t even got off the computer yet. Yes, I that is what I am seeing, 169.254. I have not looked at that angle, but I suppose what you are saying is that it is possible to serve DHCP out on the one NIC, and not the others. I''ll go look at the 400 page monster of a manual with the AP 350, but I can still leave the AP350 itself as a fixed 192.168.y.2 address ? Thanks - Bill
Bill.Light@kp.org wrote:>>I have added a 4th NIC to my setup, and want to set up wireless. I have > > >>started at the configuration Tom has for the last week, and my eyes are >>crossing. >> >>eth0 "net" goes to my internet connected firewall with a 192.168 address >>eth1 "loc" goes to my switch connected to local switch also 192.168.x >>eth2 "work" goes to my office with a 172. address >> >>eth3 Trying to follow Tom''s "My Shorewall Configuration" I gave the > > eth3 > >>NIC 192.168.y.1 and a Cisco AP350 a 192.168.y.2 address. In trying to > > be > >>"visitor friendly" (the intent is just add your MAC address) and let the > > >>visitor act like they''re at their local Starbucks and get a DHCP > > address. > >>The Cisco hands out a 169. something address via DHCP. > > > I suspect a problem here. If the AP350 is an access point as the model > number suggests then. > > a) It is probably not handing out IP addresses; that would require that > it be a wireless router. > b) The 169.254.0.0 addresses you see are being auto-configured by the > wireless clients themselves (169.254.0.0/16 is reserved for IPV4 > autoconfiguration). > >>So, I''ll ask the question and duck.... Am I looking at solving routing, > > >>or do I have to do bridging ? Or, which section of the RTFM did I > > miss? > > I think you should review the configuration of the AP350. I suspect that > you should be running a DHCP server on your fireall (as I do) for > assigning IP addresses to wireless clients. > > -Tom > > ==========================================> > Wow - Tom, you''re fast...I hadn''t even got off the computer yet. > > Yes, I that is what I am seeing, 169.254. I have not looked at that > angle, but I suppose what you are saying is that it is possible to serve > DHCP out on the one NIC, and not the others. I''ll go look at the 400 page > monster of a manual with the AP 350, but I can still leave the AP350 > itself as a fixed 192.168.y.2 address ?Yes -- you should be a able to configure the IP address of the AP manually, or specify that it gets its IP address via DHCP (either from the wireless network or from the LAN). Just be sure that your DHCP server doesn''t try to hand out that address. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key