VLAN protection on a PC with 2 NICs
Posted on 2004-09-14
I have a PC (say PcA) with 2 NICs;
each NIC is associated with a VLAN (say VLAN1, e.g. 172.50.x.x, and VLAN2, 192.168.101.x);
another PC (say PcB) has 1 NIC, in VLAN2.
Pc A=====(VLAN1 / VLAN2)====SWITCH----------------(VLAN2)------PcB
A user would typically enter the network through the SWITCH, which is connected to a firewall, then a router (not shown in the above picture), and then the Internet.
A user coming from the Internet can access PcA through VLAN1.
1) Once a user has access to PcA (on VLAN1), how exactly should PcA be configured to allow him to reach PcB? (I think I should add some command like: route add 192.168.101.0 255.255.255.0 <what gateway ??>.) Is this correct?
2) With this configuration, is there any way to prevent PcA from reaching PcB?
3) Is there any way to allow such access as "Read-only"? I don't think so, actually...
Thanks a lot in advance