DSL / Hardware Setup
Eric "Shubes"
plug at shubes.net
Thu Mar 16 18:48:19 MST 2006
Kevin Brown wrote:
>> I finally took the plunge and have DSL from Qwest. I do have some
>> questions about the best way to set everything up. So I turn to the
>> most knowledgeable people in Phoenix - PLUG.
>>
>> Here is my setup:
>>
>> Windows XP box @ 192.168.100
>> Linux Mandrake 10 box @ 192.168.20
>> Linux Mandrake SNF firewall box @ 192.168.1.150
>>
>> Skylink Net 1008 fast ethernet switch with UpLink and 1X - 8X ethernet
>> connections
>>
>> My question is do I need to install a second NIC in the firewall box so
>> that one NIC is connected to the ActionTec DSL modem and the second is
>> connected to the switch?
>
>
> The modem is also a Firewall/Router unless you have done something to
> alter its configuration. So:
>
> DSL -> Actiontec -> Switch -> Rest of systems
>
>> I imagine I will have more questions once that one is answered.
>
>
That's the simplest setup. Doesn't make much (any) use of your firewall
box though. For a firewall to be effective, it needs to sit between the
LAN and the WAN (AFAIK), and thus needs 2 ethernet connections - one to
the outside world and one to the inside.
The Actiontec is adequate as a firewall for general use. If you want to
get your hands dirty or need more control though, you can set it up as:
DSL -> Actiontec -> Firewall -> Switch -> Rest of system
If you leave well enough alone, the Actiontec will nat to the firewall,
which in turn will nat to the lan. You'll want to set up your firewall
such that each interface is on a separate subnet, and the LAN interface
on the firewall needs to be static. A second layer of security isn't
necessarily a bad thing.
If you want to bypass the Actiontec's firewall and have the public IP
address on the WAN interface of your firewall, that can be done as long
as your firewall can handle PPPoE connections. In this case, you
configure the Actiontec to be in bridging mode (turns it into a 'dumb'
DSL modem), and configure your firewall to handle the PPPoE connection.
I did this recently with IPCop and it works like a charm. I found out
how to do this in the documenation on the IPCop web site
(http://www.ipcop.org). There are instructions there in reference to the
Actiontec DSL modem.
--
-Eric 'shubes'
****************************************************
This message has been scanned using Contraxx
Technology Group mail server v8.0.3 and is virus free.
Message sent from Mail Server 3
****************************************************
More information about the PLUG-discuss
mailing list