"Tech Chef" <browneowl@hotmail.com> hath wroth:
>Hello
>
>I am in the process of setting up a wireless access point for a small
>company. It will be used as another means for staff to connect to the
>Internet and gain access to shared network resources.
>At present, I can gain Internet Access via any wireless
>connection...but cannot browse the network.
>
>I've tried various configurations, but at present, this is the
>configuration that is being used while we troubleshoot.
>
>Static IP assigned to router (e.g. 10.200.x.x)
>Subnet mask, DNS etc. all match those within the domain.
>
>DHCP is enabled for the network portion of the configuration. Router IP
>for network access is default (192.168.1.1)
>
>Any connecting workstation is able to access the internet and obtain a
>192.168.x.x address.
>
>The problem appears to be the Checkpoint firewall. We believe that we
>have unrestricted access in out for HTTP traffic, but LAN traffic (RPC
>etc.) is being blocked.
>
>If anyone has any suggestions for a configuration (create a subnet for
>the wireless network? set up specific rules in the firewall) I'd
>appreciate the input.

I'm confused (but that's nothing new). I'm trying to figure out what
you have and what you're doing. They seem to be intermingled. My
guess(tm) is that you have an existing network using 10.200.xxx.xxx IP
addresses. You have connected the WRT300N configured as a router and
are delivering DHCP assigned IP addresses to the clients. Meanwhile,
you have a Checkpoint firewall *SOMEWHERE* in the system. How close
am I?

You apparently have one too many routers. The Checkpoint router can
take care of any firewall and authentication issues. You don't need
the extra router inside the WRT300N. I suggest that you set it up as
an access point (AP) instead of a router. This is easy. First,
disable the DHCP server in the WRT300N. Then assign an IP address to
the WRT300N that's inside your 10.200.xxx.xxx IP address space.
Connect the WRT300N to the network via a CAT5 ethernet cable between
one of the *LAN* ports and a switched port on the 10.200.xxx.xxx
network switch. The WAN/internet port on the WRT300N is not used and
is not connected. The Checkpoint firewall probably has a DHCP server
running which will deliver 10.200.xxx.xxx IP addresses to the client.
I'll leave it to you to configure authorization and authentication in
the Checkpoint firewall. Just make sure you have at least WPA-PSK (or
better) encryption enabled in the WRT300N.
--
Jeff Liebermann
jeffl@comix.santa-cruz.ca.us
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558