Using a hardware firewall

swindmill · Dec 21, 2005

My roommate uses XP and he has the Sonicwall firewall that he wants to use. He doesn't know how to configure it (his dad owns a networking business and has always done this stuff for him). I have tried to put it between the modem and router, but I can't access it via my browser; I just get a network timeout when I put in the IP address of the firewall. Does anyone have any experience using a harware firewall with OS X? We also have a Linux computer on our network, and I have a feeling this thing is going to cause more trouble than it's worth. (for me at least

)

mkrishnan · Dec 21, 2005

What kind of IP address are you using for the firewall? It sounds like, in your setup, your firewall should be bridging (receiving wholly) the upstream IP address that the modem gets, and that it should in turn pass this IP address wholly over to the router. Which might lead you to a problem because you're trying to reach it via IP address, but the IP address is owned by the router, because the firewall passed the IP address to it. Have you tried configuring it while being directly jacked into it (i.e. wire your computer to the firewall instead of the router)?

Out of curiosity, doesn't your router already have a firewall, in addition to your computer? How many firewalls do you need? I tend to agree with your more-trouble-than-its-worth assessment...

swindmill · Dec 21, 2005

I'm not sure about the router having a firewall. I have just a basic Netgear router. I really have no use for a harware firewall on OS X, but he wants to use this with XP, so I guess I don't have a choice. I'm just concerned about the problems it might create with our Linux file/print server, as I'm new to Linux and having enough problems already. I suppose for a Windows user, a firewall that inspects every packet that is sent to you computer is a good thing, I just don't want something in the network that I don't completely understand and have control over. I'll try plugging the firewall directly into my computer and see what happens.

mkrishnan · Dec 21, 2005

swindmill said:
I'm not sure about the router having a firewall. I have just a basic Netgear router. I really have no use for a harware firewall on OS X, but he wants to use this with XP, so I guess I don't have a choice. I'm just concerned about the problems it might create with our Linux file/print server, as I'm new to Linux and having enough problems already. I suppose for a Windows user, a firewall that inspects every packet that is sent to you computer is a good thing, I just don't want something in the network that I don't completely understand and have control over. I'll try plugging the firewall directly into my computer and see what happens.

Well, the firewall shouldn't be acting on intranet business. That is, if your Windows box sends a print request to your Linux box, it never goes higher than the router, and so the firewall never touches it. The firewall only inspects incident communication from OUTSIDE the intranet. If you want a computer that is not on the intranet to print from the Linux server, then you may have a problem with the firewall... but otherwise, you should be fine.

As for the Netgear router...most of them do have firewalls. What model? Is it a WGR614 or something of the like?

swindmill · Dec 21, 2005

Yes, the router is a WGR614v4.

As far as the Linux pc, I understand why I won't have issues printing to it or connecting to shared volumes, but will configuring it to access the internet for updates, etc, be difficult, or will it be similar to configuring OS X with the firewall? I've looked over the Sonicwall configuration, and it looks a bit complicated.

strydr · Dec 21, 2005

swindmill said:
My roommate uses XP and he has the Sonicwall firewall that he wants to use. He doesn't know how to configure it (his dad owns a networking business and has always done this stuff for him). I have tried to put it between the modem and router, but I can't access it via my browser; I just get a network timeout when I put in the IP address of the firewall. Does anyone have any experience using a harware firewall with OS X? We also have a Linux computer on our network, and I have a feeling this thing is going to cause more trouble than it's worth. (for me at least )

Well, the XP machine could use all the firewall it can get... (sorry, I had to say it)

I have a sonicwall Firewall (need it for work VPN), and it's not the easiest setup I've seen (I'm still getting the correct holes poked through). First, do you know the subnet the device is set with (ie 192.168.1.1, or 10.0.0.1, or etc..)? if yes, change your network settings (or create a alternate config.) to be on the same subnet (ie, if the sonicwall is 192.168.1.1, set your IP to 192.168.1.2). After this config is saved, plug in to the sonicwall, and open Safari. point your browser to the sonicwall's IP (ie 192.168.1.1). you should be prompted for a user/password. Helps to know this.
If you get in, look around for the network tab, here you will need to config. the WAN and LAN. if you'r using cable, you will need (most configs.) to set DHCP (with NAT, i think) on the WAN interface, then reboot your modem (unplug for +60 sec), and (after the modem resets) reboot the sonicwall (you might also try to just renew the IP lease). If you can get online now, things are looking up. If you have a specific IP Scheme in your home network, change the LAN settings on the sonicwall to reflect this.
Now, you need to get your router set up to act as a switch, that's up to you, cause I don't know about your hardware..

Hope this helps..

strydr · Dec 21, 2005

swindmill said:
Yes, the router is a WGR614v4.

As far as the Linux pc, I understand why I won't have issues printing to it or connecting to shared volumes, but will configuring it to access the internet for updates, etc, be difficult, or will it be similar to configuring OS X with the firewall? I've looked over the Sonicwall configuration, and it looks a bit complicated.

The firewall, by default, should allow all outbound traffic. O-ya, the sonicwall is complicated..

mkrishnan · Dec 21, 2005

The WGR614 does have a firewall, by the way... It may even be on by default. I have one, but it's at my parents house, so I can't check it for you.

trainguy77 · Dec 21, 2005

If you want a nice firewall, that is easy to set up. I would look into m0n0wall: www.m0n0.ch its a great firewall. I use it for a school of 300+ kids it works great. As stable as a rock. It has IPsec, pptp(types of VPN) traffic shaper. Its great, and its easy to set up!

grapes911 · Dec 21, 2005

swindmill said:
(his dad owns a networking business and has always done this stuff for him).

Why the heck don't you just ask him? He'd seems like a better option then us.

SeaFox · Dec 21, 2005

Have you tried accessing the router's setup page from the XP machine? You might try using the reset button on the router to restore it to factory defaults. Perhaps the firewall has only been allowed to accept connections from certain MAC (not Mac) addresses and your Macintosh is not on that list.

Actually, better question: Do YOU have an IP address from the firewall? I know it's a silly question but if you don't have a 192 (or whatever) IP address from the firewall you're not connected to it and won't be able to connect into it with your browser. The router may not be set up for DHCP so it's not handing out addresses to whatever connects to it.

Search

Search

Using a hardware firewall

swindmill

macrumors 6502a

mkrishnan

Moderator emeritus

swindmill

macrumors 6502a

mkrishnan

Moderator emeritus

swindmill

macrumors 6502a

strydr

macrumors 6502

strydr

macrumors 6502

mkrishnan

Moderator emeritus

trainguy77

macrumors 68040

grapes911

Moderator emeritu

SeaFox

macrumors 68030

Our Staff