FYI: firewall dead? Try switch between FW and modem

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
aclawson
Senior Member
Posts: 712
Joined: Fri Jan 19, 2007 6:28 pm
Location: Commerce Twp, MI

FYI: firewall dead? Try switch between FW and modem

Postby aclawson » Sun Sep 28, 2014 8:18 am

One of our buildings had intermittent internet failures before dying completely. Rebooting, reflashing, fiddling with cables, magic incantations and interpretive dance routines did nothing to resolve the problem - by every indication the firewall had simply failed and was destined for a replacement. However, in a last-ditch effort our FM guy placed a Netgear GS switch between the firewall and the cable modem and everything was fine.

Also as an FYI - as a result of the troubleshooting that building now has the new 192.168.x.x configuration. It is important to note that port 3 is for facilities use only.

Mask is 255.255.252.0 with an ip range of 31 reserved for static (.2 - .32) and 990 total dynamic addresses allowed. The facility zone (port 3) is still in the 10.x.x.x netspace. There is also a "management zone" with yet a third configuration but does not appear to be linked to a specific port as the facility zone is.

rolandc
Member
Posts: 257
Joined: Tue May 15, 2012 7:20 pm

Re: FYI: firewall dead? Try switch between FW and modem

Postby rolandc » Sun Sep 28, 2014 9:01 am

And if you have a Official FHC the printers will no longer be monitored till port two (2) is set up for that and hopefully you will get some static addresses on that port.

We have the newest router in our building C881 (no wifi built in) port two was configured but no static addresses were assigned.
Roland

russellhltn
Community Administrator
Posts: 20749
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: FYI: firewall dead? Try switch between FW and modem

Postby russellhltn » Sun Sep 28, 2014 11:43 am

rolandc wrote:We have the newest router in our building C881 (no wifi built in) port two was configured but no static addresses were assigned.


You might want to call Global Service. When it was first rolled out there was no static IPs, but once the FH folks became aware of it, they had GS add static IPs.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

rolandc
Member
Posts: 257
Joined: Tue May 15, 2012 7:20 pm

Re: FYI: firewall dead? Try switch between FW and modem

Postby rolandc » Mon Sep 29, 2014 5:06 am

russellhltn wrote:
rolandc wrote:We have the newest router in our building C881 (no wifi built in) port two was configured but no static addresses were assigned.


You might want to call Global Service. When it was first rolled out there was no static IPs, but once the FH folks became aware of it, they had GS add static IPs.



It was done Friday (9/27) morning, I received an email yesterday that states ICS is on it.

Are you saying the level two guys rolled out an older script for a router that was just released?
Roland

russellhltn
Community Administrator
Posts: 20749
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: FYI: firewall dead? Try switch between FW and modem

Postby russellhltn » Mon Sep 29, 2014 9:21 am

I went back and checked: I have a message dated Sep 6 that indicated that ICS had agreed to make changes to the FHC zone and that it would take a week to implement and that I'd hear back when it was done. It's been well over a week and I haven't heard back, so I'm not 100% sure of the status.
Have you searched the Wiki?

Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

russellhltn
Community Administrator
Posts: 20749
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: FYI: firewall dead? Try switch between FW and modem

Postby russellhltn » Mon Sep 29, 2014 2:13 pm

Ok, the response I got: If the firewall was activated prior to 9/24, then you don't have the static IPs for the FHC and the firewall needs to be re-scripted. There's a bug in TM where the static range doesn't show, but it's there: .2 - .16. That bug will be fixed in the next couple of weeks.
Have you searched the Wiki?

Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

rolandc
Member
Posts: 257
Joined: Tue May 15, 2012 7:20 pm

Re: FYI: firewall dead? Try switch between FW and modem

Postby rolandc » Thu Oct 02, 2014 3:02 am

russellhltn wrote:Ok, the response I got: If the firewall was activated prior to 9/24, then you don't have the static IPs for the FHC and the firewall needs to be re-scripted. There's a bug in TM where the static range doesn't show, but it's there: .2 - .16. That bug will be fixed in the next couple of weeks.


They did have to rescript the firewall, for whatever reason it was pushed out but not verified. However you are correct about the Static IP range. I found them by forcing different dhcp address on other machines & the .2 - .16 was never issued so its solved for now.
Roland


Return to “Meetinghouse Internet”

Who is online

Users browsing this forum: No registered users and 1 guest