Re: [FW1] New Install Help

Thu, 03 Aug 2000 05:58:08 -0700 



Using the KISS principal, have you considered using one of the cable/dsl routers 
between your firewall and the cable modem?  I've got a similar set up at home with my 
linux firewall.  

For example:

internal network ------------------------------  firewall 
---------------------------------- cable/dsl router ---------------------- cable/dsl 
modem
192.168.1.x                    192.168.1.200      192.168.3.200   192.168.3.254        
   DHCP from ISP

That way both NICs on your firewall are static IPs.  I have a Linksys DSL router at 
home.  It's by no means what you would want for a DS3 line, but it's through put can 
keep up with cable/dsl modems.  It will even drop packets that were not initiated on 
the inside, providing a first line of defense.  At home, all my ports show up as 
stealth when using Steve Gibsons ShieldsUp utility.  Pretty cool for $100.

Like I said, not an industrial strength solution, but probably as reliable as cable 
service. :)

David

>Good Evening, All

>I am in need of some basic help.

>I have set up a firewall box.  It has two nics in it.  One connects to the 
>internal lan, and one connects to a cable modem that provides our internet 
>feed.  We must use DHCP on the cable modem NIC to pull an IP.

>With NT4 installed, I am able to see the internal lan just fine, and I'm 
>able to access the internet just fine.  As soon as I install FW-1 4.0 SP7 
>(without even creating a policy) I immediately lose access to the internet 
>on the box.  We set the license up for our internal lan IP, since we obvious

>don't have a permanent one on the cable feed.  Is that alright?  As I said 
>though, as soon as the install is done, upon reboot we are no longer able to

>acquire an IP on the cable modem NIC.  If I uninstall FW-1, it pulls the IP 
>and then works just fine.  What do I need to do to work around this?

>Thanks for the help all.





================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to