Solved

Draytek 3300 series Firewall

Posted on 2009-05-11
19
2,452 Views
Last Modified: 2012-05-06
How would I get internet access on this firewall if I am a novice. I currently have a netgear router and I have bought a 3300 and upgraded to 5 private IP's too, does anyone know how I get basic internet access on this and how do I configure the WAN port and the netgear router?
0
Comment
Question by:mistyfly
  • 10
  • 9
19 Comments
 
LVL 22

Expert Comment

by:mutahir
ID: 24357217
can you elaborate what you mean by 5 Private IP Addresses ? are these 5 Public IP Addresses you have bought ?
You have two options :
Either you use your netgear to connect to the internet or you can use it as a ADSL Modem only (depending on your netgear's options available).
On a 3300 (Assuming you have ADSL Broadband and If you had a basic ADSL Modem):
To configure internet acces :
Access your Vigor 3300V in Internet explorer :
Click on the Network Menu and click on WAN
You will then see WAN1, WAN2, WAN3, WAN4
Then click on the EDIT Box next to WAN1 (Assuming that you have connected WAN1 via a straight ethernet cable to your ADSL Modem's Ethernet Port or to your Netgear's Ethernet Port)
You will then see options for WAN1
Select PPPOE from there if you want your 3300 to connect and have the public address assigned to it instead of your netgear or adsl modem.
It should be self explanatory for you or you can take screen shots and attach them here as a zip file and I will pin point you in the right direction
You can also, just leave your netgear connected to the internet as it is at the moment and then connect your 3300 wan1 port to any ethernet port available on your netgear ; this can cause problems if you are thinking of hosting servers behind 3300
Which Netgear model do you have ? If I can access it online or have a demo somewhere ?
Let me know if you are stuck further then the PPPOE screen , once you input your login details in their and your adsl modem is connected to your line it should then initiate the session and get connected, you can use the rest of your 3300 lan ports as per your requirements.
0
 

Author Comment

by:mistyfly
ID: 24362370
Sorry I have 5 public addresses yeah. And I will start to host servers/apps behind the firewall so I guess I need to go with the PPPOE option then. SO is it a case of me entering the dial up details on the 3300 and using the netgear as a slave in some way, would I need to set the netgear to do this? I can post some pics of the netgear today, my netgear is a DGN2000 if that helps? What IP would I assign to the netgear in this scenario then, would it take up one of my public IP's?
0
 
LVL 22

Expert Comment

by:mutahir
ID: 24367705

Yes you would enter your account details, like username, password ; turn off the dhcp server on your netgear and assign it a static IP if you want to access it for configuration purposes you would then have to connect a pc on the netgear's ethernet port with the same subnet and default gateway would be your netgear.

Now, for 3300, you just need to input your pppoe details for WAN1 and connect WAN1 to the netgear's ethernet port, telephone line goes into the netgear. For the five public IP (I assume they are from the same subnet of public address) you can specify a second subnet in 3300 so it will then recognize and route for them as your private lan.
For the ports, you would then need to open ports under NAT settings ; Their is a diference between opening and redirecting ports.
So for e.g. if you need to open port 80 on two servers behind your 3300 then you would use port redirection on your router.
Also, you would need to disable or change the port for management (remote) of your router to somethin else from 80 and from 443 if you plan to do remote mgmt and have servers with these ports opened.
Once your router is online, let me know the ip and i will take screenshots for you.
Regards

 
0
 
LVL 22

Expert Comment

by:mutahir
ID: 24367742
On your netgear you should have an option called pppoe pass through or similar to assign the public ip from your provider to 3300 directly. You won't loose your public ips, but if you specify the 2nd subnet option in 3300 then you would loose one ip which would be used on the 3300 WAN interface for the public subnet behind your router.
0
 

Author Comment

by:mistyfly
ID: 24386721
OK this sounds good, thanks mutahir, I will get programming tomorrow when I'm back in the office
0
 
LVL 22

Expert Comment

by:mutahir
ID: 24387475
Let me know if you are stuck anywhere, take screenshots of the screen you aren't sure and post it here.
0
 

Author Comment

by:mistyfly
ID: 24413131
I dont have a PPoe pass through, I have attached the options, will I need another router?
DGN2000.bmp
0
 
LVL 22

Expert Comment

by:mutahir
ID: 24415021
I am not sure about this Netgear router ; but you can check in Advanced > Wan setup
You can buy a DrayTek vigor 100 or vigor 120 adsl modem and connect your dsl line with it and that should be able to assign public ip to your 3300 (router).
Or
You can connect your netgear the way you do normally and put your 3300 in DMZ on it, your 3300 will get a Private IP Address from Netgear but will be visible to public as it would be in DMZ.
You can also check with your Netgear support whether it allows for PPPOE pass through, sometimes these terms are phrased differently, like TRUE IP etc.
let me know or have a screen shot of your Advanced > Wan Setup from Netgear
 
0
 

Author Comment

by:mistyfly
ID: 24420152
Maybe i'll have to go the dmz route, here is the advanced settings. Thanks for your help on this
DGN2000x2.bmp
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 22

Expert Comment

by:mutahir
ID: 24420257
Try the PPPOE Relay Option with DHCP disabled on your netgear ; Netgear n 3300 should be on the same subnet
assign a static ip to netgear and a static private ip to 3300 to talk to netgear
input ur login details in 3300 and hopefully it will work (i haven't used netgear but looks like it)
0
 

Author Comment

by:mistyfly
ID: 24420583
Dont think it will let me do it, check this out
DGN2000x3.bmp
0
 
LVL 22

Expert Comment

by:mutahir
ID: 24420782
In your first screen shot, change the encapsulation to PPPOE and then come back to this screen and enable this option and follow the steps i mentioned before ths one.
0
 

Author Comment

by:mistyfly
ID: 24422056
OK think ive done that but the wan status on my router is still down. Heres the shot of the router and 3300
3300WAN.bmp
Picture-1.png
0
 
LVL 22

Accepted Solution

by:
mutahir earned 500 total points
ID: 24422274
try to remove the username/paswd from netgear, uncheck the option of connection requires login ; we are trying to treat your netgear as just a dsl modem (if that is supported on netgear) ;
Otherwise the DMZ option is left or you wud have to buy a DSL Modem.
 
0
 

Author Comment

by:mistyfly
ID: 24422428
Your a genius that worked! Now if wanted to change the ip class on LAN 1 is that wise or should I leave that as default and just work with LAN2?
0
 
LVL 22

Expert Comment

by:mutahir
ID: 24423003
elaborate your scenario on LAN1 IP class ?
Do you want to have more then 1 Private Lan subnet ?
0
 

Author Comment

by:mistyfly
ID: 24430436
Yeah I do, I need to change the private subnet to a class B and was going to have another subnet but looks like I can't do it with this box. It shouldn't be too much of an Issue. I have another question on NAT but I'll start a new question and award full points for this.
0
 

Author Closing Comment

by:mistyfly
ID: 31580245
Thanks for the help!
0
 
LVL 22

Expert Comment

by:mutahir
ID: 24431978
Thanks for the points n i will look forward to the next question.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now