Linksys rv082/ADSL/ Watchguard firebox III 1000


I have an existing network of about 800 nodes. The main router/firewall is a Watchguard Firebox III 1000.
The Firebox is using NAT, public address X.X.X.197, also aliasing a x.x.x.195/ private address and doing port forwarding for HTTP, SMTP, VPN etc. All the DNS records are being pointed to the x.x.x.197. This now sits on a T1 that has about 10 unused static public IPs.

I have a DSL router that has been unused for 1 year that has 5 static public IP addresses.

I have a new Linksys RV082 dual wan router.

So I would like to configure the Linksys WAN1 with the T1 and WAN2/DMZ with the DSL for failover,
and slip the Linksys behind the Firebox with the least amount of reconfiguration to the LAN; basically,
configure the Linksys like a switch which will just forward all traffic to the X.X.X.197 address.

Is this even possible? Any suggestions would be very much appreciated.

P.S. On my last attempt, I pulled the T1 from the external interface on the Firebox, inserted it into WAN1 of the Linksys, and
plugged the external interface of the Firebox into the LAN1 port of the Linksys. The Firebox then disappeared from the LAN (the default gateway, which is the Firebox LAN IP). I could not see or ping the Firebox until I reversed the configuration.

WAN1 on the Linksys was configured with a x.x.x.196, LAN IP was x.x.x.198, all public static IPs, all firewall features disabled,
and a route entered to forward all traffic to x.x.x.197.

Fatal_Exception (Systems Engineer) Commented:
Actually, looking at your diagram, I see no reason that you cannot get this to work as you currently have it set up...  You may have to build the route to your DSL connection (on the Linksys) since it is on another subnet mask, but even if you do not, you should still be getting out on your T1..  I would just make sure that your WAN port on your Firebox has the correct mask, as that would certainly cause a problem, but I just see no other issue with that....  And this would also be the quickest way to get you up and running here...

I am wondering now if you might have a problem with the DW router..??   Can you get into the interface and try any network diags on the connections..??  Even a ping would be nice..  I would take a laptop and connect directly to it for testing purposes..  You know, start taking items off so we can narrow down the problem..   You could even keep your current config up and running and just test the DW router with the DSL..  Once you get it configured correctly, you could start adding hardware, including the T1 line..

And yes, it should be set up as a router...

Fatal_Exception (Systems Engineer) Commented:
Are you saying that you inserted the Dual Linksys between your firebox and T1, and lost the connection to your gateway on the firebox..?  I must be reading this wrong, as I am not sure how that could happen..
HynesCo (Author) Commented:
That's what I am saying. The local LAN port on the Firebox is configured as the gateway; that was never touched, and it completely disappeared once I switched the WAN port only.

ISP----------------------------LinksysRv082------------------------------->Firebox---------->LAN Switch       >        NAT
Fatal_Exception (Systems Engineer) Commented:
Although I am not familiar with a Firebox, this is a most unusual occurrence.   The gateway should remain regardless of what you do on the external side of the firewall.  I could understand the route between the Firebox and the Linksys causing an issue, but you should still be able to ping the gateway...

On the Firebox, do you have ICMP enabled to allow a ping to be processed and bounced back..?  In other words, I assume that ping works when you have the original config..??
HynesCo (Author) Commented:
I agree, ICMP is enabled.
One thing though: since I am turning the Linksys into a basic switch,
should the original default gateway on the Firebox have to change from .193, or should it point to .198?
Fatal_Exception (Systems Engineer) Commented:
We are using a dual wan router in my office.  It gets two Global addresses for the Wan ports and I use private addresses from it to my firewall, then on to my routers, which further segment the network...  so I guess it depends on how you want to set it up..  personally, I would set yours up like mine, as it is easy to administer that way, and to segment...  In fact, I use all three private classes to do this...
HynesCo (Author) Commented:
As far as your config goes, was the dual WAN device introduced into a preconfigured network or was it in place from the start?
Fatal_Exception (Systems Engineer) Commented:
No, we started with a Cable connection using a simple Linksys Device...  As we expanded our operation, we realized the need for redundancy and I implemented the dual wan technology.  Plugged it in, and after 30 minutes of configuring the DW router, we were up and running..  Did take a week or so to tweak the router, but we are fairly satisfied now...

That being said, we did take 2 weeks to determine the new network setup (and the entire day of the DW installation to implement the IP address scheme we wanted to employ..)   This reconfiguration (DHCP) was generally done with our DCs and file servers in mind (we did not want to disturb their IP scheme) and the fact that we needed to isolate our external servers (web and mail) from our internal network within a DMZ...
HynesCo (Author) Commented:

Well, if you don't mind, I would like to ask a few questions for my peace of mind, because I just don't know the answer to these
questions dealing with a dual WAN device.

By the way, if you remove the Linksys RV082 and WAN2, this is the original config.
ISP-------------------------------LinksysRv082----------------------------------->Watchguard Firebox III---------->LAN Switch
T1                                                                                                                           | <Gateway                                                                |       
ISP DSL                           /<Gateway    

The .197 on the Firebox is the original config, which also aliases a .195. I have A records, MX records etc. being forwarded to this address, which then forwards the SMTP to the mail server and the www. to the web server. If I introduce the Linksys behind the Firebox, will I have to change my DNS pointers to .196 on the Linksys, or is there a way that you know how to do this, if it is even possible, to forward all traffic to the .197?

If I am not doing a 1-to-1 NAT on the Linksys,
the DSL for failover will not work unless I add a route?
The working mode is a router, right? And not a gateway?

#3 With your experience, what would you do to get this up and running A.S.A.P. without a lot of user interruption and/or reconfiguration?

Many Thanks
HynesCo (Author) Commented:

Thank you for your input. I feel better about this project now. I will try to implement the router config again
next week some time, just waiting on the client's OK. So I am awarding you the 500 pts, with an A rating,
for all your help and time.

If I run into anything next week I'll post and maybe we can swap some ideas :)

Thank You



Fatal_Exception (Systems Engineer) Commented:
Thank you, and I would be happy to try to assist..  Good luck with your client..

