
IP address range in Firebox 700

Status
Not open for further replies.

cassell90

MIS
Feb 28, 2003
6
US
I am new to Firebox configuration.

I have a Firebox 700 previously configured by another employee who is gone. He assigned all clients (13 total) static IP addresses in the range of xxx.xxx.xxx.100-.199.

I set up DHCP on Win 2K server to assign IP range xxx.xxx.xxx.50-99. When these were assigned, clients could not access the internet through the Firebox.

I then set up DHCP with a range of xxx.xxx.xxx.175-.199 and DHCP clients could access the internet through the Firebox.

Is there a configuration somewhere that covers this? Any help at all would be appreciated.

Thanks
 
The network configuration on the FB can be set at Setup -> Network. Depending on how the FB is configured, *how* you do this will differ a little bit, but all the information is the same.

If the FB is in Routed mode, you will configure the setting under the Trusted Tab. If it is in drop-in mode, you will add a secondary network. In either case, specify the network address and subnet for that network.

The FB doesn't care how large or small your network is provided the subnets don't overlap.
 
You may also want to verify that the HTTP service isn't limited to only the xxx.xxx.xxx.100-.199 range. If it is, anything outside that range will be denied.

You could change the service to "ANY" or increase the range for outgoing traffic.
 
You'll want to be careful with the "ANY" rule on outbound. There is an "Outbound" filter which would be a little better. In general egress filtering is recommended (only let out what needs to get out).

I've actually caught a virus before it could spread simply because I only allow SMTP outbound traffic from our email server. I receive notification of failed attempts to use outbound SMTP. Sometimes a tell-tale of virus activity.
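
An added example, not from the thread's posters or from WatchGuard: a small Python model of the two points raised in the replies, a service restricted to a source range (why .50-.99 would fail while .175-.199 works) and SMTP egress allowed only from the mail server, with denied SMTP attempts counted per host. The addresses, policy table and log format are constructed assumptions, not Firebox syntax or log output.

```python
import ipaddress
from collections import Counter

# Constructed egress policy (assumption): each service maps to the inclusive
# source ranges allowed to send it outbound. All addresses are sample values.
MAIL_SERVER = "192.168.1.10"
EGRESS_POLICY = {
    ("tcp", 80): [("192.168.1.100", "192.168.1.199")],  # HTTP limited to the old static range
    ("tcp", 25): [(MAIL_SERVER, MAIL_SERVER)],          # SMTP only from the mail server
}

def allowed(src, proto, dport, policy=EGRESS_POLICY):
    """Return True if src may send proto/dport outbound; anything unlisted is denied."""
    ip = ipaddress.ip_address(src)
    for first, last in policy.get((proto, dport), []):
        if ipaddress.ip_address(first) <= ip <= ipaddress.ip_address(last):
            return True
    return False

def parse_line(line):
    """Extract (src, proto, dport) from a constructed key=value log line."""
    fields = dict(tok.split("=", 1) for tok in line.split() if "=" in tok)
    ipaddress.ip_address(fields["src"])  # raises ValueError on a bad address
    return fields["src"], fields["proto"], int(fields["dport"])

def smtp_violations(lines, policy=EGRESS_POLICY):
    """Count outbound SMTP attempts per source host that the policy denies."""
    hits = Counter()
    for line in lines:
        try:
            src, proto, dport = parse_line(line)
        except (KeyError, ValueError):
            continue  # skip malformed lines rather than abort the scan
        if (proto, dport) == ("tcp", 25) and not allowed(src, proto, dport, policy):
            hits[src] += 1
    return dict(hits)

# Constructed sample records for illustration only.
SAMPLE_LOG = [
    "2003-02-28T09:00:01 src=192.168.1.10 dst=203.0.113.5 proto=tcp dport=25",
    "2003-02-28T09:00:07 src=192.168.1.142 dst=198.51.100.9 proto=tcp dport=25",
    "2003-02-28T09:00:08 src=192.168.1.142 dst=198.51.100.23 proto=tcp dport=25",
    "2003-02-28T09:00:09 src=192.168.1.60 dst=203.0.113.80 proto=tcp dport=80",
    "garbled line",
]

if __name__ == "__main__":
    print(smtp_violations(SAMPLE_LOG))
```

A host other than the mail server showing up in the result is the notification the last reply describes: a workstation trying to send mail directly.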
 