Smoothwall Firewall and WC

Hi,

I currently have a Smoothwall firewall hooked up to an ADSL router. I am getting WC installed and had a question about Smoothwall that someone should be able to help me with.

I know I can hook the Smoothwall firewall directly up to the WC connection, can I then connect multiple PC's (Through a hub) up to the Smoothwall firewall....can the Smoothwall firewall act as a router?? (Ie. do NAT etc...)

Thanks for your help.

Look for a seting called "ip-forwarding'".
You want to turn this on.

Then on each of the client machines you need to set the "Gateway" to the address of the Smoothwall machine.

You dont even need to do that...

Smoothwall is designed to be used as at the gateway level, by default you can point any number of pc's at a smoothie as a gateway and it will work.

The use of ip-forwarding, ports/pinholes etc is to help get some of those trickier applications (IM, P2P) working properly and isnt a necessity by default

Thanks for your helps guys, I thought it would be able to do it.

Let me get this straight:

Lets say I connect my smoothwall box with one ethernet card in it to my ADSL router with 4 port switch (192.168.1.1). The other computers are connected to this router/switch as well.

I then give the smoothwall box an ip of 192.168.1.2 and tell it to use the internet gateway at the ADSL router (192.168.1.1).

Can I then set the gateway on all the PCs to 192.168.1.2 (the smoothwall box) and it will all work???

No.

The Smoothwall box will have at least 2 ethernet cards in it.
One for the Internet side (Red), on for the internal network side (green).

The local computers need to be connected to the green interface
and the dsl router connected to the red interface.
The PC's would then talk through the Smoothwall tio the router and the
internet beyond.

You could have PC's connected directly to the dsl router but would not be
able to use the Smoothwall box for anything,

__________________
Steve M
Bigted
Cute, Furry and Cuddly

Nope. As bigted has pointed out, the smoothwall box would go in-line between the internet and your internal network... something like this:

Internet <-> Router/Modem <-> Smoothwall box <-> Switch <-> Internal PC's

You would also have the external untrusted (red) network on a completely different subnet to the one on your internal trusted (green) network.

I see, makes sense. Looks like it would waste the 3 ports on the ADSL router correct? Then I'd have to buy another switch.

But really is a Smoothwall box much better than the NAT and Firewall that's already on the RTA300 ADSL router?

The short answer is: probably not.

However there are a great number of things that a Smoothwall/ IPCop
firewall can do that a RTA300 will never do.

Things like the squid caching web proxy, ability to run multiple ethernet
interfaces for DMZ and other uses such as a "blue" wireless subnet
(Like I do with my IPCop box), traffic shaping by port, etc.

Depends on your requirements. If they are straight forward then
any router with NAT and pinholeing will give adaquate protection against
the darker side of the 'net.

More complex? Then look at other options............

__________________
Steve M
Bigted
Cute, Furry and Cuddly

OK, just got Wired country installed. I got them to put it straight to my computer at the moment.

Can someone give me abit of a run down on what I have to do to get the connection working through my smoothie?

why certainly!

First step:
open a browser window and type in www.smoothwall.org

Second step:
click on docs

Third step:
read each pdf file

Amazing :roll: :wink:

OR in other words, the general attitude you'll get when asking such broad questions related to smoothwall are:
1) Need more info
2) Smoothwall guys are not hand holders, help us to help you by helping yourself first.

.

*sigh*

so blind to the smileys are we?

no need to get so up in arms, had you bothered to RTFM you would understand the attitude exactly

Spoontastic,

You have seen that we (as a community) are keen to help members of this
message board, but if you turn on members such as whetu that have tried
to help, it will not endear you to others here to help you further.

It is best that you take the advice offered to you gratefully, after all, you asked for it.

I believe that whetu's comments whether in jest or being serious is good advice.

The Smoothwall and Ipcop firewall distributions are well documented.
To ask questions here without reading the standard documentation first will,
of course, lead to people saying RTFM.

__________________
Steve M
Bigted
Cute, Furry and Cuddly

Ok then I apologise. ops:

Here is a more specific question...

I have the firewall configured as Green + Red. On the Red interface I have select PPPOE (The tree choices are Static, DHCP and PPPOE).

In the firewall config I have gone to the services tab and then PPP settings and setup a PPPOE connection entering my username and password.

When the firewall 'Dials' it doesn't seem to get a connection.

Any idea what is wrong??

How would you normally connect to WC? Does the WC modem handle that or is it controlled via DUN?

If the WC modem handles it, what is the IP address of its lan interface?

You'll want to setup your RED with a static IP in the same range as the IP of the WC modem and point to the modem as the gateway, so as far as the smoothie is concerned the WC modem is the gateway and as far as any workstations are concerned, the smoothwall box is the gateway... all completely transparent of one another

Power cycle your WC "box".
It will pick up the new MAC address of your Red network card rather than
the one in your computer and allow you to connect.
The WC antenna stores up to 3 MAC addresses in it.
If you try to connect with a network card it does not recognise, it will not connect.

As long as you have set up the right settings in the Smoothwallthen it should connect.

__________________
Steve M
Bigted
Cute, Furry and Cuddly

Thanks dude, that did the trick.

I got a little red-faced (and got the ihug helpdesk guy redfaced too) tonight...
Had a problem, sorted it 30 secs after helpdesk guy answered phone, by power cycling my WC box. He had no idea about how to sort the WC problemo I was having though, so I feel a smidgen less stupid


Cheers for the information enclosed above - next time I will do the web research thing _before_ I ring the helpdesk :P

Great advice on cycling the power to the WC unit - that got me past the same problem.

Unfortunately, I seem to encounter the same problem each day - the smoothwall machine attempts to connect a number of times before giving up with the following line in the logs:
Rebooting the machine and recycling the power fixes the problem but I don't really want to be doing that every day. Has anybody else had similar issues?