Lachian, hopefully you have a manageable switch that can create VLANs. You will have to create a VLAN for each of your subnets and add the appropriate ports into those VLANs. I would suggest that you use something other than VLAN 1 (default VLAN) for your two VLANs. On the port that is going to connect to your OpenBSD box, the port will be a member of both VLANs and turn on VLAN tagging (802.1Q) on the switch. If it is a Cisco switch using dot1q not ISL. You will have to turn on IP Forwarding, configure the VLANs, and enable VLAN tagging on the OpenBSD box.
I'm only a home user, I don't have anything fancy. Thanks for your advice, though.
Hopefully, this is only a temporary solution. Network traffic on that NIC will see twice as much as normal, since it receives and sends it out the same NIC.
As I said before, I'm only a home user; I could probably use 10BASE-T without having performance problems.
If you do not use VLANs, you will see broadcast coming from both of your subnets. If you bring up a sniffer, you should see them. Also, if the employees are clever they can just change their IP Address to become part of the new network and by pass any firewalling you might be doing on your OpenBSD box. :(
This is only a NAT box. It is not intended to provide any extra security, I am only using this type of setup for convenience (ie. anything to avoid using a consumer router interface without buying new hardware) and educational purposes. -- Thanks, Lachlan
