stewartje
asked on
DHCP setup on Watchguard Firebox and not on W2K Server???
I just inherited the IT jobs for my company and have some basic questions.
1. The current config is one W2K server with a Watchguard Firebox and a net gear hub. 30 Clients all using XP Pro or WIN 2000. The last guy set up the DHCP on the Firebox and not the W2K server. Should I make the W2K server the DCHP server or keep it the way it is? The XP machines take a long time to log in (just fixed the DNS root problem). Is this current setup a security issue?
2. Does anyone have any experience with the firebox?
Thanks.
jon
1. The current config is one W2K server with a Watchguard Firebox and a net gear hub. 30 Clients all using XP Pro or WIN 2000. The last guy set up the DHCP on the Firebox and not the W2K server. Should I make the W2K server the DCHP server or keep it the way it is? The XP machines take a long time to log in (just fixed the DNS root problem). Is this current setup a security issue?
2. Does anyone have any experience with the firebox?
Thanks.
jon
Commonly, W2K DHCP server have more options for DHCPO clients than other firewalls, especially for those AD related settings. Of course, if you dont need those, only need dynamic IP assignment, don't change anything if it works well.
ASKER
Thank you and I understand about not fixing things that are working.
I would like to hear from others about the Firebox.
I fixed the DNS problem but am unfamiliar with its workings as well. It sucks not knowing much about it. I bought a book by Mark Minasi and am reading it but we have problems that need to be fixed now.
jon
I would like to hear from others about the Firebox.
I fixed the DNS problem but am unfamiliar with its workings as well. It sucks not knowing much about it. I bought a book by Mark Minasi and am reading it but we have problems that need to be fixed now.
jon
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for the links. I will end this thread and start a new one in the other section.
jon
jon
However, if your Watchguard is providing DHCP and you are having name resolution issues, then it is most likely DNS that is not properly set up rather than DHCP. Plus, I don't think that the Watchguard's DHCP is telling the clients to register themselves in DNS. In this case, it IS broke. Moving DHCP to the Windows server certainly will give you that option.
Is it a security issue to keep it on the firewall? My philosopy is to let the firewall do what it does best - block bad packets coming in. Don't put any extra burden on it for trivial services that can be done by another system.
I'm a PIX guy myself, but if you have specific questions on the firebox, I'm sure there are other experts hanging out here that can help..