firewall IP address and range of static IP addresses.

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
ckellsworth
New Member
Posts: 24
Joined: Mon Feb 07, 2011 10:20 am
Location: Palm Springs, CA, USA

firewall IP address and range of static IP addresses.

Postby ckellsworth » Tue May 24, 2011 2:30 pm

I am helping a Contractor setting up a webstat device (tomorrow), in reading the wiki
https://tech.lds.org/wiki/Internet-enabled_appliance_(meetinghouse)
and reading the https://tech.lds.org/wiki/images/c/c8/WebStat_Install_Instructions.pdf
it talks about the IP address of the firewall, looking at the example

IP: 10.246.122.13
subnet: 255.255.255.192
dns: 10.246.122.1
Gateway: 10.246.122.1
...

It says that the IP address of the firewall is .13 but would that not be the IP address of the computer i am on, and the firewall's IP address is .1 (the gateway)?

It then goes on to say the next 5-10 ip addresses are reserved for static assigned devices such as the webstat device. assumiing that my first question is a yes then the range they give 14-18 for static devices is not correct it should be like .2 - .6?

i would also assume that unless there is a list of used static IP addresses listed near the Cisco device i will just have to ping out and figure out what ip address is actually unused.

btw these were the same documents that were forwarded to me by the contractor.

side question, does not relate to the Q above.
does all web traffic get routed out the VPN connection back to the endpoint for filtering before going out to the world or does the filtering happen locally on the box and just select traffic goes over the VPN?

Thanks,

Chris

russellhltn
Community Administrator
Posts: 20757
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Tue May 24, 2011 2:36 pm

ckellsworth wrote:It says that the IP address of the firewall is .13 but would that not be the IP address of the computer i am on, and the firewall's IP address is .1 (the gateway)?


I agree, the write-up is wrong. I sent the author a note.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

jdlessley
Community Moderators
Posts: 6526
Joined: Sun Mar 16, 2008 11:30 pm
Location: USA, TX

Postby jdlessley » Tue May 24, 2011 4:10 pm

ckellsworth wrote:side question, does not relate to the Q above.
does all web traffic get routed out the VPN connection back to the endpoint for filtering before going out to the world or does the filtering happen locally on the box and just select traffic goes over the VPN?
The firewall is configured to use the third party filtering service Websense.
JD Lessley
Have you tried finding your answer on the LDS.org Help Center page or the LDSTech wiki?

bradhokanson
Church Employee
Church Employee
Posts: 41
Joined: Sun Mar 06, 2011 12:31 pm
Location: Utah, USA

Postby bradhokanson » Tue May 24, 2011 6:53 pm

ckellsworth wrote:I am helping a Contractor setting up a webstat device (tomorrow), in reading the wiki
https://tech.lds.org/wiki/Internet-enabled_appliance_(meetinghouse)
and reading the https://tech.lds.org/wikildstech/images/c/c8/WebStat_Install_Instructions.pdf
it talks about the IP address of the firewall, looking at the example

IP: 10.246.122.13
subnet: 255.255.255.192
dns: 10.246.122.1
Gateway: 10.246.122.1
...

It says that the IP address of the firewall is .13 but would that not be the IP address of the computer i am on, and the firewall's IP address is .1 (the gateway)?

It then goes on to say the next 5-10 ip addresses are reserved for static assigned devices such as the webstat device. assumiing that my first question is a yes then the range they give 14-18 for static devices is not correct it should be like .2 - .6?

i would also assume that unless there is a list of used static IP addresses listed near the Cisco device i will just have to ping out and figure out what ip address is actually unused.

btw these were the same documents that were forwarded to me by the contractor.

side question, does not relate to the Q above.
does all web traffic get routed out the VPN connection back to the endpoint for filtering before going out to the world or does the filtering happen locally on the box and just select traffic goes over the VPN?

Thanks,

Chris


Question 1: Yes. .1 is the last octet of the routers IP address.

Question 2: Yes and No. The first few ip addresses (2 thru 9) are not in the DHCP scope available for lease. These are not to be used for other services in the building but could be used for printers. A specific Facilities VLAN needs to be set up for those services like Facilities that include Webstat sensors. GSD cant do it themselves but you need to call them to log a ticket and they can then escalate that to the Field and Campus Network Ops Team and we can create it. That VLAN does not have a DHCP server for it so everything on that VLAN is statically assigned. When we setup the VLAN we will let you know usable addresses, gateway and subnet masks.

Side Question: The 881 checks against our Websense filters for permitted access/URLs. The VPN tunnel is only used for administration. Internet web traffic is not tunneled.

spydyee
New Member
Posts: 5
Joined: Thu Jan 06, 2011 1:45 pm

Postby spydyee » Wed Jun 22, 2011 5:46 am

jdlessley wrote:The firewall is configured to use the third party filtering service Websense.


I understand the routers are configured to use websense 's content filtering but are they running this on one of the church servers or do they have a V-series hardware appliance in place to manage the content filtering?

bradhokanson
Church Employee
Church Employee
Posts: 41
Joined: Sun Mar 06, 2011 12:31 pm
Location: Utah, USA

Postby bradhokanson » Thu Jun 23, 2011 1:19 am

spydyee wrote:I understand the routers are configured to use websense 's content filtering but are they running this on one of the church servers or do they have a V-series hardware appliance in place to manage the content filtering?


Not sure but I will find out.


Return to “Meetinghouse Internet”

Who is online

Users browsing this forum: No registered users and 1 guest