Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Where to put my firewall

Posted on 2006-07-14
6
321 Views
Last Modified: 2013-11-16
I just got a new firewall "WatchGuard Firebox X700" and this is the first Firewall i have ever seen and used. Yes i am a newbie still. Anyways i am trying to figure out where exactlly where to put it at in my network. The following is how my network is.


Earthlink Netopia 4622 T1 Router "Running Nat" "Numbered IP Address"

48 Port Netgear Gigabit Switch


The T1 router plugs into the Switch and then all the users plug into the switch as well.


Thanks for the help

0
Comment
Question by:hcl1
  • 3
  • 3
6 Comments
 
LVL 10

Assisted Solution

by:naveedb
naveedb earned 500 total points
ID: 17112512
It should go between the T-1 router and Switch. If you want, you can move the NAT functionality to the WatchGuard to avoid duplicate NAT translations.
0
 

Author Comment

by:hcl1
ID: 17112818
Thanks for the feed back.....On my firewall box i have an External port and then Ports 1 Thru 5........ Should i plug in the router in the external and then a cable in port 1 to the switch?



Do you think earthlink will have any problems with takiing NAT off? I know i had major problems when i first got the T1 line becasue they didnt have NAT on our what they called "Numbered IP Address" and they had to go back and change my IP address.
0
 
LVL 10

Accepted Solution

by:
naveedb earned 500 total points
ID: 17113120
Thanks for the feed back.....On my firewall box i have an External port and then Ports 1 Thru 5........ Should i plug in the router in the external and then a cable in port 1 to the switch?

Yes, you will be expandin the ports on your firewall by connecting it to the switch. You may need to cross-over cable if you don't have a port that can connect two switches together MDI/MDIX.

Do you think earthlink will have any problems with takiing NAT off? I know i had major problems when i first got the T1 line becasue they didnt have NAT on our what they called "Numbered IP Address" and they had to go back and change my IP address.
 
I am not sure what the issue was originally. But give it a try, I have used this config few times without any issues. Do you have a single IP Address or a usable subnet of Public IP Addresses. If you have a single IP Address, then you may need to configure the T-1 router in a bridge mode if you disable NAT.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:hcl1
ID: 17113157
Thanks again......Earthlink provides us with a static WAN IP address and then a block of Useable IP address as well. We dont own any of them. Should i still be good?
0
 
LVL 10

Assisted Solution

by:naveedb
naveedb earned 500 total points
ID: 17114061
Yes, you should be fine. Assign one IP address from the block to the WatchGaurd and you should be good to go.
0
 

Author Comment

by:hcl1
ID: 17114931
Thanks for all the info... I am going to give it a try next weekend because i have alot to put together first and plus nobody will be there on the weekend.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Iptables Centos 6 - Sort Numerically 5 59
Sonicwall Email los and Alerts 1 63
Windows Server Firewall Configuration 2 58
How can I test a Deny All In Firewall rule? 2 13
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question