I am trying to connect a firewall to my network and am having a difficult time. This is what I have so far: I have in my network a DSL modem in bridge mode attached to a linksys router with PPPOe enabled,running DHCP. The router have the ip of 192.168.1.1 and a public internet ip, and is attached to the unmanaged switch where all my pc's attach to. I want to put the sonic wall between the switch and the linksys router, setup DHCP on the sonicwall and disable it on the linksys, then configure X0 (LAN)as 192.168.1.1. This will give my clients addresses on the 192 network range which is what I want. Can somewhat tell me what I must do to the router to have it communicate with the sonicwall? Or should I get rid of the router? Maybe configure X1 on my TZ 200 with PPPOe and give it a public IP. Would this work? Would I have traffic being routed without the router? How about my emails? Would I need a DMZ for them? Can someone help? Thanks
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
TZ 200 and Linksys BEFSR81
- Thread starter meloadri
- Start date
NetworkTek
IS-IT--Management
Are you set on keeping the Linksys router in the mix? To simplify it you could just set the pppoe up on the external interface of the Sonicwall and assign 192.168.1.1 to the internal interface and enable dhcp and you will be set. That would be my recommendation.
Network+
Inet+
MCP
MCSA 2003
MCTS
Network+
Inet+
MCP
MCSA 2003
MCTS
- Thread starter
- #3
Thanks for your response NetworkTek. What I ended up doing was changed the router IP to 192.168.2.1 and disabled DHCP. Then I gave the internal port on the Sonicwall 192.168.1.1 and enabled DHCP. I gave the external port of the Sonicwall a 192.168.2.2 address so that it can communicate with the Linksys. So far its working okay. But I have a question: YOu suggested to eliminate the router. Dont I need it for routing? I thought you need a router in just about any network!
NetworkTek
IS-IT--Management
Your TZ200 will do the routing just fine it is a router/firewall. You can simply configure it for pppoe on the wan interface and leave the current lan interface configuration the way it is. This will eliminate that uneccesary 192.168.2.0 network that you have now. As it sets right now you are taking an extra hop on your way out to the internet and peforming NAT(Network Address Translation) twice. The way you have it will work but it just makes it much easier in terms of firewall configuration and making access rules, port forwards and so on to allow certain traffic into or out of your network. Hope this helps
Network+
Inet+
MCP
MCSA 2003
MCTS
Network+
Inet+
MCP
MCSA 2003
MCTS
- Thread starter
- #5
It does help...thanks. I have a user that needs to access a server on the network from the outside. When the router was 192.168.1.1, I had forwarded port 5632 (i believe it was)on the router to the server IP which was 192.168.1.5. Now with the router IP changed to a .2 network, when I looked at the port forwading, it says that its forwarding to 192.168.2.5. But the server still has IP of 192.168.1.5. Its not going to work is it? I should do port forwarding on the Sonicwall shouldn't I? You are right...it's all pointing to the elimination of the router.
NetworkTek
IS-IT--Management
Yes I would eliminate it. There are some things that you can do to get around it. But in long run the management of it would much easier on you if you just eliminated it.
Network+
Inet+
MCP
MCSA 2003
MCTS
Network+
Inet+
MCP
MCSA 2003
MCTS
- Thread starter
- #7
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question