I am helping a Contractor setting up a webstat device (tomorrow), in reading the wiki
https://tech.lds.org/wiki/Internet-enab ... tinghouse)
and reading the https://tech.lds.org/wiki/images/c/c8/W ... ctions.pdf
it talks about the IP address of the firewall, looking at the example
IP: 10.246.122.13
subnet: 255.255.255.192
dns: 10.246.122.1
Gateway: 10.246.122.1
...
It says that the IP address of the firewall is .13 but would that not be the IP address of the computer i am on, and the firewall's IP address is .1 (the gateway)?
It then goes on to say the next 5-10 ip addresses are reserved for static assigned devices such as the webstat device. assumiing that my first question is a yes then the range they give 14-18 for static devices is not correct it should be like .2 - .6?
i would also assume that unless there is a list of used static IP addresses listed near the Cisco device i will just have to ping out and figure out what ip address is actually unused.
btw these were the same documents that were forwarded to me by the contractor.
side question, does not relate to the Q above.
does all web traffic get routed out the VPN connection back to the endpoint for filtering before going out to the world or does the filtering happen locally on the box and just select traffic goes over the VPN?
Thanks,
Chris
firewall IP address and range of static IP addresses.
-
- New Member
- Posts: 30
- Joined: Mon Feb 07, 2011 10:20 am
- Location: Palm Springs, CA, USA
-
- Community Administrator
- Posts: 34422
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
ckellsworth wrote:It says that the IP address of the firewall is .13 but would that not be the IP address of the computer i am on, and the firewall's IP address is .1 (the gateway)?
I agree, the write-up is wrong. I sent the author a note.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.
-
- Community Moderators
- Posts: 9861
- Joined: Mon Mar 17, 2008 12:30 am
- Location: USA, TX
The firewall is configured to use the third party filtering service Websense.ckellsworth wrote:side question, does not relate to the Q above.
does all web traffic get routed out the VPN connection back to the endpoint for filtering before going out to the world or does the filtering happen locally on the box and just select traffic goes over the VPN?
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
-
- Church Employee
- Posts: 48
- Joined: Sun Mar 06, 2011 12:31 pm
- Location: Utah, USA
ckellsworth wrote:I am helping a Contractor setting up a webstat device (tomorrow), in reading the wiki
https://tech.lds.org/wiki/Internet-enab ... tinghouse)
and reading the https://tech.lds.org/wikildstech/images ... ctions.pdf
it talks about the IP address of the firewall, looking at the example
IP: 10.246.122.13
subnet: 255.255.255.192
dns: 10.246.122.1
Gateway: 10.246.122.1
...
It says that the IP address of the firewall is .13 but would that not be the IP address of the computer i am on, and the firewall's IP address is .1 (the gateway)?
It then goes on to say the next 5-10 ip addresses are reserved for static assigned devices such as the webstat device. assumiing that my first question is a yes then the range they give 14-18 for static devices is not correct it should be like .2 - .6?
i would also assume that unless there is a list of used static IP addresses listed near the Cisco device i will just have to ping out and figure out what ip address is actually unused.
btw these were the same documents that were forwarded to me by the contractor.
side question, does not relate to the Q above.
does all web traffic get routed out the VPN connection back to the endpoint for filtering before going out to the world or does the filtering happen locally on the box and just select traffic goes over the VPN?
Thanks,
Chris
Question 1: Yes. .1 is the last octet of the routers IP address.
Question 2: Yes and No. The first few ip addresses (2 thru 9) are not in the DHCP scope available for lease. These are not to be used for other services in the building but could be used for printers. A specific Facilities VLAN needs to be set up for those services like Facilities that include Webstat sensors. GSD cant do it themselves but you need to call them to log a ticket and they can then escalate that to the Field and Campus Network Ops Team and we can create it. That VLAN does not have a DHCP server for it so everything on that VLAN is statically assigned. When we setup the VLAN we will let you know usable addresses, gateway and subnet masks.
Side Question: The 881 checks against our Websense filters for permitted access/URLs. The VPN tunnel is only used for administration. Internet web traffic is not tunneled.
-
- New Member
- Posts: 5
- Joined: Thu Jan 06, 2011 1:45 pm
jdlessley wrote:The firewall is configured to use the third party filtering service Websense.
I understand the routers are configured to use websense 's content filtering but are they running this on one of the church servers or do they have a V-series hardware appliance in place to manage the content filtering?
-
- Church Employee
- Posts: 48
- Joined: Sun Mar 06, 2011 12:31 pm
- Location: Utah, USA