
Firebox 700 1

Status
Not open for further replies.

dzon

IS-IT--Management
May 26, 2005
103
GB
Hi,

I just bought a Firebox 700 (F2064n) from eBay and hoped somebody could tell me what software version I need to install on it. Also, could I achieve the following using this box:

(in the same CAB)
Switch 1 will have 15 access points connected to it.
Switch 2 has around 30 computers connected to it and a GB fibre to the main comms.

I was hoping to connect switch 1 to firebox and somehow be able to monitor Access point connections, block ports and so on. I know users of the laptops will try and run file sharing programs, game servers, etc.

I would then connect firebox to switch 2 which in turn will pass approved data to main comms.

Access points and switches are on the same IP network.

Does this make sense, is it possible to do?

Thanks in advance

Dzon
 
You can install any software version that is less than 8.0. The most current version is V7.3.

If you want to just block connections to the main comms using the Firebox then you could connect switch 1 into switch 2 and then connect switch 2 to the trusted port on the Firebox. Then connect the external port on the Firebox to the uplink of the main comms.

In this configuration you will be able to control traffic that is going out of and coming in to the network. You will not be able to monitor the traffic on the AP network itself, just the traffic going through the Firebox.

 
Hi,

Thanks for your reply.

I did think of this but the main comms up link is fibre GB so the connection is different.

thanks

dzon
 
Hi,

In your method do I use routed or drop in?

Also, can the wireless network be on the same subnet as the main network?
I am getting confused configuring this as it says trusted and external must be on different subnets.

thanks in advance

 
Let me give you an example.
You would want to use routed mode. In this mode all traffic going in and out of the network goes through your firewall, and the firewall physically sits between your ISP and your internal network.


IPs given to you by your ISP:

10.10.10.17 255.255.255.240 Router Ethernet interface (gateway for WatchGuard)
10.10.10.18 WatchGuard external interface

Your internal IP addresses will be on a different subnet as you are going to use NAT.

Trusted network 192.168.10.0 255.255.255.0

Trusted interface 192.168.10.1 255.255.255.0 (gateway for internal clients)

All devices on this network need to be on the same subnet as your trusted interface.

Now as long as your wireless access points and computers are on the same network then you can connect the wireless switch into the LAN switch and connect the LAN switch into the trusted interface of the firewall and that should do the trick.

If you want to separate your wireless network from your LAN then you would need to create a new subnet for the wireless network, 192.168.11.0 255.255.255.0 for example, and then connect the wireless switch into the optional port of the Firebox, which in this case would have an IP of 192.168.11.1.

Now you can create rules that will allow/deny traffic between the wireless and the LAN networks as well as the internet.
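
Added example, not part of the original thread: a Python check of the addressing plan from the reply above, showing why the interfaces need distinct subnets in routed mode and which traffic actually passes through the firewall where rules can apply. The interface labels and function names are assumptions of this example, not WatchGuard settings.

```python
import ipaddress

# Addressing plan from the reply above (routed mode). The keys are labels
# chosen for this example, not WatchGuard configuration names.
PLAN = {
    "external": ipaddress.ip_interface("10.10.10.18/255.255.255.240"),
    "trusted":  ipaddress.ip_interface("192.168.10.1/255.255.255.0"),
    "optional": ipaddress.ip_interface("192.168.11.1/255.255.255.0"),
}
EXTERNAL_GATEWAY = ipaddress.ip_address("10.10.10.17")


def check_plan(plan, gateway):
    """Return a list of problems that would break a routed-mode layout."""
    problems = []
    names = sorted(plan)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if plan[a].network.overlaps(plan[b].network):
                problems.append(f"{a} and {b} share or overlap a subnet")
    if gateway not in plan["external"].network:
        problems.append("default gateway is outside the external subnet")
    for name, iface in plan.items():
        net = iface.network
        if iface.ip in (net.network_address, net.broadcast_address):
            problems.append(f"{name} uses a network or broadcast address")
    return problems


def zone_of(host, plan):
    """Name the interface a host sits behind; anything else is 'external'."""
    addr = ipaddress.ip_address(host)
    for name in ("trusted", "optional"):
        if addr in plan[name].network:
            return name
    return "external"


def crosses_firewall(src, dst, plan):
    """True when traffic between two hosts is routed through the firewall
    and can be filtered; same-subnet traffic is switched and never seen."""
    return zone_of(src, plan) != zone_of(dst, plan)


if __name__ == "__main__":
    print(check_plan(PLAN, EXTERNAL_GATEWAY))                        # plan as posted
    print(crosses_firewall("192.168.11.50", "192.168.10.20", PLAN))  # wireless to LAN
```

The host addresses passed to `crosses_firewall` are constructed sample values inside the subnets given in the reply.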



 