Need to network SG300 Firewall and Qwest (Motorola) 3347-02 Modem
I need some help getting an SG300 Firewall/VPN and a Qwest 3347-02 Modem to play nicely with each other.
Currently the modem has an external static IP (192.168.0.12) and also has an internal IP on our local network (let's say 10.10.1.1). The Firewall is setup with an internal IP of 10.10.1.2 (for example).
How do I configure the modem to forward all the traffic to the Firewall?
How do I configure the firewall to see out to the internet?
Please help - I need the assistance of your wonderful network savy brains. Many thanks!!
Re: Need to network SG300 Firewall and Qwest (Motorola)...
The modem needed to be set to a 192.168.x.x network, and the SG300 Firewall WAN port needed to be set to a dummy IP on the same network for it's IP, and the specific 192.168.x.x address for the gateway and DNS.
a 6ya Technician can help you resolve that issue over the phone in a minute or two.
Best thing about this new service is that you are never placed on hold and get to talk to real repair professionals here in the US. click here to Talk to a Technician (only for users in the US for now) and get all the help you need. Goodluck!
- If you need clarification, ask it in the comment box above.
- Better answers use proper spelling and grammar.
- Provide details, support with references or personal experience.
Tell us some more! Your answer needs to include more details to help people.You can't post answers that contain an email address.Please enter a valid email address.The email address entered is already associated to an account.Login to postPlease use English characters only.
Tip: The max point reward for answering a question is 15.
You may have some needed firewall ports blocked on your router. Turn off the firewall temporally and see if your able to connect. Your company IT folks should be able to tell you what ports they need open.
192.168.1.X is a local ip address ,, i trust that thhe vpn is in seperate places and is done with the wan ip over an internet connection?????
OK maybe the problem isnt on your side but the main office building,, when connecting , have someone looked for repeated attemps to connect by observing the fire wall,, if it appears to be blocked byu the firewall simply diasable any and try it out.. If it works then all you need to do is set the firewall correctly..
I was reading the ip address in your original post and those are local address,s are you certin the VPN is correct ???? did you use the correct STATIC IP ADDRESS ASSIGNED BY YOUR ISP??
I will make a couple of assumptions on you setup. First, you have some type of highspeed internet. You have a retail type router/firewall plugged into your internet modem. You are using a VPN Client software installed on a PC or Laptop. By stating that when you connected using your Ethernet cable, you were plugged directly into the Internet modem.
Basically, what you have here is a configuration issue with your Router/Firewall. I use the Cisco VPN Client Software from home. This software uses UDP over TCP port 10000. Your VPN Client will use something along this line as well. So, you need to do one of two things here. Determine what Protocol and Port your VPN software uses. Login into you Router/Firewall and add that to your outbound allowed traffic. Or login into your Router/Firewall and configure it to allow all outbound traffic.
If you are not sure how to do this, the documentation that came with your Router should contain a Tech Support number to call. They can walk you through this in short order. Otherwise, post your EXACT make and model of your Router/Firewall and I will try to get the information for you.
Accessing a VPN through a BGAN should be fairly simple. It sounds like some of the settings for the VPN might have changed. If you changed any settings on your computer, or if you have added any type of security settings or firewall. If you need any assistance with your BGAN let us know. We do sales of Satellite internet terminals such as Thrane & Thrane, Wideye Sabre, Hughes, Fleet Broadband, and much more. We also do repair of Broadband satellite terminals. You can visit our website at www.BlueCosmo.com, or call us at 877-258-3496.
From the main configuration screen select Network Setup, and then click on the Connections Tab. In the tabline below that click on Aliases.
At this point you input the Alias IP address and the netmask and add it, selecting port 25. The firewall now knows that it is to forward all traffic on port 25 to the computer that has the IP address you put in.
You should be aware that doing the above opens a direct access point into your network! Port 25 is the port used for SMTP (Sendmail) and it is the most vulnerable and most hacked service on the Internet! You should seriously consider not doing this.
A better option would be to goto the DMZ tab and configure a DMZ net on your firewall - you will need to obtain a second routable IP address from your ISP to do this though. By creating the DMZ and then routing port 25 to a machine inside the DMZ you isolate the machine running SMTP from all of the other machines inside your protected network and so make a compromise much less likely.
All of the systems inside your protected network will still have demand access to the machine in our DMZ, but the machine in your DMZ would be unable to initialize access to the protected network, which is a much safer setup.