
Firebox X 500 Configuration

Status
Not open for further replies.

janolan

Programmer
May 31, 2005
4
US
I'm really confused and would appreciate any information.

Currently I have 1 IP address assigned to me by my ISP. I have a server running ISA and public DNS. That server has 2 network cards. One card is the IP address assigned by my ISP and is connected to his router, and the other is for my internal network and is assigned 192.168.0.11. I've got email and webpages on another server that is assigned 192.168.0.22. These 2 servers are connected by one crossover cable.

I set up the Firebox in drop-in on my ISA server. Since the Firebox had the external IP address, I had to change the IP address on one of the network cards on the ISA server to be in the same subnet mask as my external IP number. I couldn't figure out any other way to do it.

I want to set up the WatchGuard Firebox but I am totally confused now. I don't know if I should use drop-in or routed. I don't know if my servers are trusted or optional. I don't know if I can still pass traffic through the ISA server to the other server or not now. I would like to keep the same configuration so that I could use the caching with ISA. I mainly wanted to use the Firebox for extra security and to stop spam.

I just can't find any documentation to where I can understand how to configure this thing. I think I understand and then I can't connect so I have to change everything back. Help please.
 

Using this configuration, I don't think that you will be able to pass traffic to the ISA server, as it is using an IP address that is not allocated to you.

What I would recommend, if you want to use the WatchGuard, is to get 2 additional IPs from your ISP and then configure the firewall in routed mode. You would place the firewall between the router and your network and give the external interface one of the IPs.

Then configure the trusted interface with a 192.168 address.

Now connect the trusted interface to the same network as your internal servers. You will need a switch for this or you may be able to use your

And then change the default gateway on the servers to the trusted Firebox IP address.

Once this is done you would need to create a 1-1 NAT rule for your web server and ISA, and for your ISA using the second IP address from your ISP. This is under setup...nat..advanced

Once you have created this you would create a policy rule to allow web traffic out from your ISA server,

a rule that allows DNS traffic in and out to the ISA server,

and a rule that allows traffic in to your web server.
 
Thank you for responding. Actually, I can be flexible on the setup since I plan on replacing my mail server soon. So what is the most straightforward or normal setup for using a Firebox? I just need to be able to provide public DNS, FTP, email and webpages. Maybe I'm making this more difficult than it needs to be.
 