Showing results for 
Search instead for 
Did you mean: 

Need advice...anyone using their firewall?


Need advice...anyone using their firewall?

I'm currently got ISDN, but I'm getting that removed tomorrow and 2mb Adsl installed, (hopefully also tomorrow).
I have a smoothwall, but I've also bought a origo 4 port router / modem with SP1 Firewall.
I could just connect both my pc's to the router, But I want the protection of the smoothwall too.
One of the pc's is my daughters and the other is mine, I'm not bothered about her machine going through the smoothwall, Just mine.
She'll have zonealarm and the router firewall so should be well protected.
But I want my config as this..
Internet--------Router-------Smoothwall-------My PC.

I've heard I have to disable DHCP on the smoothwall, and let the router assign Ip addresses to all Pc's connected to the router.
Will the router be able to pass successfully through the smoothwall, to assign my pc an IP or will I have to specify specific rules & settings in the smoothwall.

Most of the workings of the smoothwall is "way over my head", My first smoothwall took 2 days to build and get configured, my second an hour.
I roughly know how to navigate the smoothwall, And assume that the router is virtually the same as a smoothwall, but smaller.

Anyone already have a smoothwall and use it with a router / modem / firewall?

Also because the router uses a web GUi the same as the smoothwall, Do I need to put my username and password into both the smoothwall and router when I'm setting up or just into one.
Please help cos I'm well confused?
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Need advice...anyone using their firewall?

As the router has a SPI firewall, you would be as well to drop the Smoothwall all together. Running two firewalls is only going to cause problems.


Need advice...anyone using their firewall?

I'm beginning to feel your right, although I know it can be done with the router and the smoothwal together, because there are people on the smoothwall forum who say their doing exactly that.
I just want to be the best protected I can, And for 6 months I've been impregnable because of the smoothwall.
I need to be 100% sure that the router firewall is going to protect my system.
I don't want to resort having to use a software firewall as well as the router firewall.

Need advice...anyone using their firewall?

No way, keep smoothwall , it will have a FAR more advanced firewall on it than most routers out there!

There is also no *need* to protect a smooth wall box as there have been no reported remote root exploits against it, and i do not think any local root ones either so it is basicaly secure Smiley set it up so you have the smootwall then the router
then your PCs and if there is any problem on the firewall side of things just turn of the SPI in the router. However I would sugest running both as if , and only if the smooth wall DID get compromised somehow then you would have another firewall to get past.

Need advice...anyone using their firewall?

Actually I would keep the software firewall as well, and I'm pretty sure a number of other customers on the forums here, do have such a setup.

While I like Buz's setup idea, since the router contains a modem built it, your better having the router first.

Need advice...anyone using their firewall?

I run mine

cisco 837 -> freebsd box -> pix 501 -> home lan


Re: Need advice...anyone using their firewall


I don't use Smoothwall specifically, however I'm presuming normal principles shall apply.


I've heard I have to disable DHCP on the smoothwall, and let the router assign Ip addresses to all Pc's connected to the router.

Depends on your preference to be honest. The bottom line is that the router must know how to get to your PC's in order to send data to them (i.e. when you ask for a webpage, how does it get back to you).

Most firewalls typically do a form of routing, therefore this statement will most likely mean a requirement for static routes on your router unless you have some form of routing protocol working.

Presuming that the router then knows how to find your machine, it doesn't really matter how your machines get their IP Addresses - as long as they get a valid IP address. From experience, it tends to make life simpler if you only have a single dhcp server doing all of your work.


Will the router be able to pass successfully through the smoothwall, to assign my pc an IP or will I have to specify specific rules & settings in the smoothwall.

I would expect a good firewall to work on the principle that if you haven't asked for it to be let through, then you're not getting it. So in this scenario, you would need to apply specific settings to configure Smoothwall to permit DHCP Relay.


For reference, DHCP works by the client sending a broadcast for all to hear, the DHCP server hears this, and responds by supplying the necessary information for your machine to configure itself. This broadcast packet will not normally pass between different network sections, unless you have a helper service.

So if you want the router to provide address to machines behind the Smoothwall, then the Smoothwall machine would also need to provide a DHCP Relay service as well as permitting it.

I guess I should caveat that this all changes if the firewall works in bridging mode (is Smoothwall this capable?), then this wouldn't be an issue. [If you don't know what this means, you're probably safe to assume this is not the case] . In this instance, you would just need to ensure Smoothwall will pass normal DHCP packets.

For my tuppence worth, I personally would:
a) leave the DHCP service on the Smoothwall (this already works, no need to get dirty with DHCP Relay, or have fun with multiple servers). Minor tweaking should allow this to work for machines on both sides of the firewall.

b) Configure the router to tell it to send data to the Smoothwall machines for PC's that are behind it. (Also ensure that Smoothwall knows to send data to the router to get to the Internet.)

c) Ensure Smoothwall is configured to allow data to pass between your different network segments.


Need advice...anyone using their firewall?

Heeey Oni, is glad to see you on board Plusnet mate,

(Sorry mods I know off topic, but this is an OK guy and his first time with anything other than 56k)

Need advice...anyone using their firewall?

I know this reply is 2 days late, but I've kinda been busy.
Thx! for all the replies about the smoothwall.
I've set up an old pc, connected to the router via the smoothwall, and I'm currently trying to get configured prior to putting the smoothwall, on my network.
In the meantime, on my pc I'm using the router firewall and zonealarm, with no problems, so I may or may not ditch the smoothwall altogether.
Once I get the smoothwall configured on the old pc, I will hook it upand try it on mine, if it works as well as it did on ISDN then I'll keep it, if not, then I'll probably sell it.

Thx! guys.

Oh! and Hi rob!
Community Veteran
Posts: 14,469
Registered: 30-07-2007

Need advice...anyone using their firewall?

The only issue I had with smoothwall was it did not support UPNP (which MSN messenger uses) even though there was an option to enable it. There were threads on the smoothwall forum about getting UPNP working with various manual updates but I never did get it to work properly so ditched it.

I now just use a netgear DG834 and software firewalls on all my PCs (ZoneAlarm).