Joined: 19 May 2011
|Posted: Tue Jun 12, 2012 9:50 am Post subject: Adding VLAN to a running configuration
I have been using ZeroShell very successfully for the past 12 months.
I have ZS installed between my core switch and my router, working as bridge and captive portal and firewall. It is working flawlessly.
Now my network configuration is changing and I have to use VLAN trunking for VLAN 10 and 11 between my core switch and my router.
How can I implement that with the minimum disturbances to the configuration? I have checked that without ZS the router and the core switch are working as expected; but my existing configuration for ZS is not working.
I am especially concerned with the firewall part that has hundred of rules, some being interface based.
I think that I have to create the VLANs on each of the physical interfaces that take part of the bridge; and I have to have a bridge for each VLAN. Or should I create only one bridge that contains all the VLANs for all the interfaces?
It seems that CP is working only at the physical interface level, not at the VLAN level (I don't see the ETH00.10 VLAN in the CP configuration). Is that a problem?
For the firewall, at worst I call use a script to change all the rules.