> I have a client who was using Linux as a proxy server it had this one LAN > interface and a WAN, LAN NIC in the virtual one he had, as follows: eth0: 1, > eth0: 2, eth0: 3, so he had:
We kind of already answered this one yesterday... but What you want to do will not work like they had it on the linux box, and really is not a recommended way to setup a network. It provides NO "real" security on your network - so what is the reason for segregating? If it is to provide security, then you may as well not bother because it would be trivial to hop networks at that point. If it is for access restrictions after the firewall - you can do what you want with what was recommended yesterday. Open up the network with a 192.168.0.0/22 Put the DHCP Range on 192.168.3.1 -192.168.3.254 Put in STATIC DHCP for devices on 192.168.1.0 and 192.168.2.0 Then setup Rule restrictions for the ip ranges. The only other option I can think of would be to setup 3 NICs for 3 LANs then plug them all into the same switch. Turn DHCP on all of them, restricted 2 of them to STATIC MAC mappings. I have no idea how that would work, or if it would - but you are welcome to give it a shot. Seems like it would be a broadcast nightmare - but if you want to try it.... -Tim