Posted: Sun Feb 19, 2012 16:17 Post subject: VLAN's Still Able To Communicate Even After Firewall Rule
I'm trying to set up a test network and installed two additional Gigabit cards in my server. They are Rosewill RC-400.
I have a Cisco E3000 with the DD-WRT v24-sp2 (04/13/11) std-usb-nas - build 16785 installed.
I went into VLANs and put ports 2 & 3 in VLAN3 and created a bridge with a 10.42.2.x network. I then assigned that bridge to the VLAN and created a DHCP server for it.
I also added "iptables -I FORWARD -i vlan+ -o vlan+ -j DROP" to the firewall to block communication between vlans (got this from another thread). The issue is I still can ping it from VLAN1 and when I go to the NIC card that has the cable plugged in it's not receiving an IP address.
My main reason for doing this is I want to create a test network. I'm currently running Server 2008 R2 with multiple VMs. I want to create a test network that I can set up as a domain environment with all the roles, but I don't want it to affect my production network.
Am I going in the right direction with this or am I missing something?
As for the DHCP, the domain controller will preferably need to be the DHCP server as well when you set it up, else you will have to mess with DHCP configs on the router (if it is even supported). So disable the DHCP for VLANs where you want your domain server set up.
Also, depending on the NIC's chip manufacturer, you may not need 3 NICs for different VLANs.
I know Intel, Broadcom and Realtek have tools to make Windows recognise multiple VLANs on 1 NIC. [It is so much easier with *nix]
_________________
Netgear R6300 v2 - Latest Kong dd-wrt always
Linksys E3000 - Latest dd-wrt always
Asus RT-N56U - OpenWRT trunk
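
Added example, not part of the thread: the rule in the first post only matches interfaces whose names start with `vlan`, but once a VLAN is attached to a bridge, iptables sees routed packets with the bridge as the in/out interface. The script below models the iptables `+` wildcard, checks whether a rule covers a given interface pair, and prints the FORWARD rules that would. The names `br0` and `br1` are assumptions; confirm the real ones with `ifconfig` or `brctl show` on the router.

```shell
#!/bin/sh
# Added example; br0/br1 are assumed bridge names, not taken from the thread.

# iface_matches PATTERN NAME
# iptables interface matching: a trailing "+" matches any name that begins
# with the text before it; without "+" the name must match exactly.
iface_matches() {
    im_pattern=$1
    im_name=$2
    case $im_pattern in
        *+) im_prefix=${im_pattern%+}
            case $im_name in
                "$im_prefix"*) return 0 ;;
                *) return 1 ;;
            esac ;;
        *)  [ "$im_pattern" = "$im_name" ] ;;
    esac
}

# rule_covers IN_PATTERN OUT_PATTERN IN_IF OUT_IF
# True when a rule with "-i IN_PATTERN -o OUT_PATTERN" matches that path.
rule_covers() {
    iface_matches "$1" "$3" && iface_matches "$2" "$4"
}

# isolation_rules PROD_IF TEST_IF
# Print (not apply) DROP rules for routed traffic in both directions.
# FORWARD only sees packets routed through the router; packets addressed
# to the router's own IPs traverse INPUT and are not affected by these.
isolation_rules() {
    printf 'iptables -I FORWARD -i %s -o %s -j DROP\n' "$1" "$2"
    printf 'iptables -I FORWARD -i %s -o %s -j DROP\n' "$2" "$1"
}

PROD_IF=br0   # assumption: bridge carrying VLAN1 (production LAN)
TEST_IF=br1   # assumption: bridge carrying VLAN3 (10.42.2.x test network)

if rule_covers 'vlan+' 'vlan+' "$PROD_IF" "$TEST_IF"; then
    echo "'-i vlan+ -o vlan+' already covers $PROD_IF -> $TEST_IF"
else
    echo "'-i vlan+ -o vlan+' does not match $PROD_IF -> $TEST_IF; candidate rules:"
    isolation_rules "$PROD_IF" "$TEST_IF"
fi
```

The printed rules are meant to be reviewed and then saved through the router's firewall commands; afterwards `iptables -L FORWARD -v -n` shows per-rule packet counters, which confirms whether the DROP rules are being hit.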