Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

basic firewall setup query

Posted on 2004-09-02
3
Medium Priority
?
132 Views
Last Modified: 2013-11-16
hi there.

semi-quick question.

I'm working on a network that has an adsl connection that all the office pc's (being on a private IP network) NAT through the router/modem to get to the outside world.

It's got a firewall capability on it, disabled at the moment, allowing anything and everything through.

I've been in control of a firewall with two different offices before but that was about 4 yrs ago and I'm somewhat rusty on my firewall theory at the moment.

i know it's asking a bit, but can anyone gimme a basic set of firewall rules to allow users on the 192.168.0.* ip range to access anything in the outside world (192.168.0.0/32 etc) and a couple of basic rules to allow one ip address from the outside world to access an ip addy on the port 80 protocol on the private network?

(I know it's fairly easy and I'm fairly sure I could manage it but I'd just like to make sure I know what i'm doing first, cant practice on anything handy,y'see.)

thanks very much

Daryn
0
Comment
Question by:daryn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 11

Expert Comment

by:billwharton
ID: 11962821
Well, you probably only want to allow your internal users to the following protocols on the Internet.
Port 80, 443 for web traffic
Port 21 for FTP


If your users use telnet, then open up port 23 and if they also use external SMTP servers, open up port 25.

Now, if you want to allow Internet users access to an inside server on port 80, you would need to create a static NAT entry and then put in an access list allowing traffic on port 80 to the inside server.

If you need further help configuring your firewall, please state the brand and model number.
0
 

Author Comment

by:daryn
ID: 11971371
it's a dlink dsl-504t adsl modem router. I understand/remember the concepts of port opening, standard ports etc but the actual notation etc, the /32 subnet mask marking etc, are eluding me right now.
0
 
LVL 11

Accepted Solution

by:
billwharton earned 500 total points
ID: 11971394
well, if your network is 192.168.0.0 then your subnet mask would be 255.255.255.0

However, if your network is 192.168.32.0 than your subnet mask would be 255.255.255.0
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question