Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Creating a public wifi seperate from our private network

Posted on 2010-09-02
12
Medium Priority
?
725 Views
Last Modified: 2013-12-27
Want to setup a Watchguard firebox x10e optional network to allow clients internet access but not access to the internal network.

Watchguard is connected directly to a T1 line. (The trusted network is working fine.)
I enabled the Optional network on the Watchguard with the default ip 192.168.112.1

Enabled Optional Network DHCP is on with the range 192.168.112.50 –  192.168.112.60

Plugged in a Linksys wireless access point WAP54G in access point mode to optional port on Firebox. I assigned the Linksys WAP 192.168.112.2

I can connect a computer wirelessly, the firebox optional network dhcp server assigns 192.168.112.50

But it cannot resolve internet domain names. I can ping public ip addresses.

What do I need to do to allow internet access?

Thanks,
Aaron
0
Comment
Question by:AJHebert
  • 5
  • 3
  • 2
  • +2
12 Comments
 
LVL 12

Assisted Solution

by:mlongoh
mlongoh earned 1000 total points
ID: 33589983
You have internet access if you can ping public IP addresses.  What is DHCP assigning as DNS servers on the optional network?
0
 
LVL 13

Accepted Solution

by:
marine7275 earned 1000 total points
ID: 33589984
you need to configure dns on the optional network on your dhcp scope. you can use 4.2.2.2
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 33590001
What does it assign for DNS etc.
On the laptop do an IPCONFIG /ALL in a CMD window and paste the output here
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 

Author Comment

by:AJHebert
ID: 33590082
The DHCP is assigning the DNS assigned on the watchguard. Which works fine on the trusted side.

Optional Network settings does not seem to have an option to set the dhcp scope? Is this done in a different setting area?
0
 

Author Comment

by:AJHebert
ID: 33590194
The DNS assigned is 64.90.1.1
0
 
LVL 12

Expert Comment

by:mlongoh
ID: 33590248
That's your problem - that server is refusing queries (at least from me) and may only be configured to accept queries from nodes on it's network.  You can change it to 4.2.2.2 or another public DNS server that your ISP has identified as usuable for you.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 33590274
from the wireless connected laptop, can you ping the default gateway? Ping the DNS server? run an NSLOOKUP for www.google.co.uk, do you get a result?
 
0
 

Author Comment

by:AJHebert
ID: 33590333
Had to leave for the day. Will try using 4.2.2.2 in the morning and post an update or hopefully assign a solution.

I pinged the 64.90.1.1 and the default gateway and they ping fine.
0
 
LVL 12

Expert Comment

by:mlongoh
ID: 33590382
If you can ping public Internet addresses then you are NOT having a connection/routing problem.  You almost surely are having a DNS resolution problem.
0
 
LVL 1

Expert Comment

by:freez965
ID: 33592887
As many others have already commented, it looks like a purely DNS issue.  Check to be sure that the WAN DNS settings are getting passed to your DHCP clients -- once that is resolved, you should have no problems...should be an easy and fast fix.
0
 

Author Comment

by:AJHebert
ID: 33593001
It's weird though, as i stated on the trusted side of the firewall we have about 15 computers that connect using the same dns setting with no issues.
0
 

Author Closing Comment

by:AJHebert
ID: 33597793
Assigned 4.2.2.2 and it worked fine. The client informed me today that his ISP was bought out by another company. Contacted ISP and they told me that they are in the process of changing DNS settings on the network.
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
This program is used to assist in finding and resolving common problems with wireless connections.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question