From: Peter Boosten
To: Modulok
Cc: David Kelly, freebsd-questions@freebsd.org
Date: Mon, 5 Jul 2010 19:33:16 +0200
Subject: Re: VLANs is this right?

On 5 jul 2010, at 19:30, Modulok wrote:

> It was a simplified diagram of what I thought I needed. ( Which may or
> may not be what I actually need! )
>
> Basically, I want a port on the switch that I can plug un-trusted
> devices into. Systems which are known to be just crawling with
> malicious software. I need to provide them with an Internet
> connection, but otherwise want them separated from everybody else.
> Think DMZ isolation, but they're not providing any 'external'
> services. I was wondering if this could be done with tagging and
> address aliases, instead of buying a third network card for the BSD
> machine.
>
> If that makes any sense.

Please don't top-post.

Your way indeed is the way to go. I have a similar setup, where I don't
let my 19-year olds' PC roam my network. I've created two different VLANs
on my switch (Nortel), and a trunk to my M0n0wall (=FreeBSD) firewall
which separates the two.

Peter

--
Peter Boosten
http://www.boosten.org
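
Added example, not part of Peter's message or of either poster's configuration: one way to express the setup discussed in this thread (two tagged VLANs on a single trunk NIC, with the untrusted VLAN allowed out to the Internet only) on a plain FreeBSD box running pf. The interface names (em0, em1), VLAN IDs (10, 20) and address ranges are assumptions chosen for illustration.

```conf
# ---- /etc/rc.conf (assumed: em0 = Internet side, em1 = trunk to the switch) ----
gateway_enable="YES"
pf_enable="YES"
ifconfig_em0="DHCP"
ifconfig_em1="up"                       # parent NIC carries only tagged frames
cloned_interfaces="vlan10 vlan20"
ifconfig_vlan10="inet 192.168.10.1/24 vlan 10 vlandev em1"   # trusted LAN
ifconfig_vlan20="inet 192.168.20.1/24 vlan 20 vlandev em1"   # untrusted port

# ---- /etc/pf.conf ----
ext_if        = "em0"
trusted_if    = "vlan10"
untrusted_if  = "vlan20"
trusted_net   = "192.168.10.0/24"
untrusted_net = "192.168.20.0/24"

set skip on lo0

# Both VLANs share the one external address.
nat on $ext_if inet from { $trusted_net, $untrusted_net } to any -> ($ext_if)

# Default deny; nothing is forwarded between VLANs unless passed below.
block log all

# Untrusted hosts may not reach the firewall itself or the trusted VLAN.
# "quick" stops evaluation so the later pass rule cannot override these.
block in quick on $untrusted_if inet from any to self
block in quick on $untrusted_if inet from any to $trusted_net

# Untrusted hosts may go anywhere else, i.e. out to the Internet.
pass in on $untrusted_if inet from $untrusted_net to any keep state

# Trusted hosts may reach the Internet. There is no "pass out" on
# $untrusted_if, so trusted hosts cannot open connections into VLAN 20 either.
pass in on $trusted_if inet from $trusted_net to any keep state
pass out on $ext_if inet keep state
```

Because traffic to the firewall's own addresses is blocked on the untrusted VLAN, hosts there need static addressing and an external resolver unless DHCP and DNS are explicitly passed. The switch port facing em1 must be a tagged member of both VLANs, and the untrusted port an untagged member of VLAN 20 only.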