cancel
Showing results for 
Search instead for 
Did you mean: 

Too many firewalls

Mark_Dowd
Grafter
Posts: 102
Registered: 08-08-2007

Too many firewalls

Having missed the fact that the Solwise SAR110 offers firewall functionality I have installed a NetGear FM114P Wireless Router/Firewall/Print Server. This is further complicated by installing Norton Internet Security 2003 to protect the kids from themselves (and others) on their PC.

The route in from the telephone socket is as follows:

81.174.n.n /32
SAR110
192.168.7 /24
FM114P
192.168.0 /24

This leaves me with a complex environment if I choose to allow limited inbound access in the future.

Q1. If someone is trying to attack my network, does the SAR110 provide logging and alerting? Does it "leak"?

Q2. Is the firewall functionality of the FM114P better or worse than the SAR110?

Q2a. If I wanted to disable the SAR110 protection and forward all ports on to the FM114P, so that its firewall was the active component, how is this best achieved? Does this expose the SAR110 to attack?

Q3. If I wanted the public side of the FM114P to have my public IP address, is this possible when I only have one IP address assigned to my account, with a 255.255.255.255 subnet mask? Is this desirable? (I think I already know the answer to this)

All contributions gratefully received
2 REPLIES
Mark_Dowd
Grafter
Posts: 102
Registered: 08-08-2007

Too many firewalls

Well, I may be talking to myself, but I have been digging.

Apparently the SAR110 can be configured to use ZIPB (Zero IP Bridging) which passes the public IP address, as part of the DHCP package, back to whatever is plugged into the RJ45 socket on the back.

Unfortunately my NetGear FM114P Wireless Firewall bounces all responses as unauthorised penetration attempts when the subnet mask on the WAN interface is 255.255.255.255, as in ZIPB.

I'll keep you posted Smiley
Mark_Dowd
Grafter
Posts: 102
Registered: 08-08-2007

Too many firewalls

Fixed it Cool .

The trick is to configure the SAR110 to run ZIPB (as directed in the Quick Setup Guide) until DHCP from PlusNet works, then make a note of the IP, netmask and DNS addresses. Specify these manually in the router, but override the netmask to 255.255.255.252. This will fix the firewall problem, but render three adjacent IP addresses invisible.