USG-Flex 100 simple question
I bought this firewall yesterday and am trying to understand how to set it all up. So I'm a newbie ;-)
My situation is that we have had a router in the shop, which then leads to a switch and our servers/PCs are connected to it.
This router has the IP 192.168.10.105
Our PCs have the IPs 192.168.10.xxx and the router as a gateway.
Now I would like to integrate this firewall between router and switch.
So I'm assuming that the outgoing cable comes from the router to the WAN input from the firewall and then a cable goes from firewall port 4 to the switch.
In order not to block our work, I have now connected a laptop (fixed IP 192.168.10.95) to firewall port 4.
With this laptop I can access the web interface of the firewall because I have stored a fixed IP of 192.168.10.1 for "lan1".
My problem now is that this laptop has no chance of getting on the internet, let alone pinging the router.
What do I have to set up WAN so that it works? If I enter the IP of the router there, then the firewall can no longer access the Internet.
If a DHCP configuration is stored in the WAN, the firewall obtains the IP 192.169.10.240 and can then access the Internet.
But in both situations it is not possible for me to access the Internet from my laptop.
I checked, there is a rule that "Lan1" can connect anywhere.
But I can't find a log anywhere where I can look for the reason why the connection could not be made or is suppressed.
Does anyone have any ideas or patience to help me?
Thanks alot!
Accepted Solution
-
Hi, thank you for your answer.
But I found it yesterday ;-)
The Problem was that the Firewall is not able to handle two ip-ranges on differents ports.
The "wan" was on 192.168.10.xxx and "lan1" was on 192.168.10.xxx. This was not working.
I changed my router-ip to 192.168.1.105 and set the wan-ip in the firewall to 192.168.1.15 and the lan1-ip to 192.168.10.15 (which is now the gateway on the laptop)
Now it works fine.
Thanks
0
All Replies
-
Please note that the USG-Flex 100 is also a router in addition to being a firewall. This makes your connection through an existing router slightly more complicated than it needs to be. You may want to configure your existing router to be a complete pass-through connection without routing or DNS, if possible.
Regarding your issue accessing internet from your LAN device: Add rules to allow inbound traffic as well as outbound traffic on safe ports — TCP 80 (http), TCP 443 (SSL) etc. Your following observation
I checked, there is a rule that "Lan1" can connect anywhere.
is most likely the rule allowing all traffic between LAN clients, not to and from the outside.
0 -
Hi, thank you for your answer.
But I found it yesterday ;-)
The Problem was that the Firewall is not able to handle two ip-ranges on differents ports.
The "wan" was on 192.168.10.xxx and "lan1" was on 192.168.10.xxx. This was not working.
I changed my router-ip to 192.168.1.105 and set the wan-ip in the firewall to 192.168.1.15 and the lan1-ip to 192.168.10.15 (which is now the gateway on the laptop)
Now it works fine.
Thanks
0 -
What is the reason for get a this firewall if your only plan to double NAT?
Are you not able to set your ISP hub to be a modem?
Maybe a bridge on the firewall will be better for you?
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight