FYI: firewall dead? Try switch between FW and modem

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
Post Reply
aclawson
Senior Member
Posts: 760
Joined: Fri Jan 19, 2007 6:28 pm

FYI: firewall dead? Try switch between FW and modem

#1

Post by aclawson »

One of our buildings had intermittent internet failures before dying completely. Rebooting, reflashing, fiddling with cables, magic incantations and interpretive dance routines did nothing to resolve the problem - by every indication the firewall had simply failed and was destined for a replacement. However, in a last-ditch effort our FM guy placed a Netgear GS switch between the firewall and the cable modem and everything was fine.

Also as an FYI - as a result of the troubleshooting that building now has the new 192.168.x.x configuration. It is important to note that port 3 is for facilities use only.

Mask is 255.255.252.0 with an ip range of 31 reserved for static (.2 - .32) and 990 total dynamic addresses allowed. The facility zone (port 3) is still in the 10.x.x.x netspace. There is also a "management zone" with yet a third configuration but does not appear to be linked to a specific port as the facility zone is.
rolandc
Member
Posts: 257
Joined: Tue May 15, 2012 8:20 pm

Re: FYI: firewall dead? Try switch between FW and modem

#2

Post by rolandc »

And if you have a Official FHC the printers will no longer be monitored till port two (2) is set up for that and hopefully you will get some static addresses on that port.

We have the newest router in our building C881 (no wifi built in) port two was configured but no static addresses were assigned.
Roland
russellhltn
Community Administrator
Posts: 34418
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: FYI: firewall dead? Try switch between FW and modem

#3

Post by russellhltn »

rolandc wrote:We have the newest router in our building C881 (no wifi built in) port two was configured but no static addresses were assigned.
You might want to call Global Service. When it was first rolled out there was no static IPs, but once the FH folks became aware of it, they had GS add static IPs.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
rolandc
Member
Posts: 257
Joined: Tue May 15, 2012 8:20 pm

Re: FYI: firewall dead? Try switch between FW and modem

#4

Post by rolandc »

russellhltn wrote:
rolandc wrote:We have the newest router in our building C881 (no wifi built in) port two was configured but no static addresses were assigned.
You might want to call Global Service. When it was first rolled out there was no static IPs, but once the FH folks became aware of it, they had GS add static IPs.

It was done Friday (9/27) morning, I received an email yesterday that states ICS is on it.

Are you saying the level two guys rolled out an older script for a router that was just released?
Roland
russellhltn
Community Administrator
Posts: 34418
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: FYI: firewall dead? Try switch between FW and modem

#5

Post by russellhltn »

I went back and checked: I have a message dated Sep 6 that indicated that ICS had agreed to make changes to the FHC zone and that it would take a week to implement and that I'd hear back when it was done. It's been well over a week and I haven't heard back, so I'm not 100% sure of the status.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
russellhltn
Community Administrator
Posts: 34418
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: FYI: firewall dead? Try switch between FW and modem

#6

Post by russellhltn »

Ok, the response I got: If the firewall was activated prior to 9/24, then you don't have the static IPs for the FHC and the firewall needs to be re-scripted. There's a bug in TM where the static range doesn't show, but it's there: .2 - .16. That bug will be fixed in the next couple of weeks.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
rolandc
Member
Posts: 257
Joined: Tue May 15, 2012 8:20 pm

Re: FYI: firewall dead? Try switch between FW and modem

#7

Post by rolandc »

russellhltn wrote:Ok, the response I got: If the firewall was activated prior to 9/24, then you don't have the static IPs for the FHC and the firewall needs to be re-scripted. There's a bug in TM where the static range doesn't show, but it's there: .2 - .16. That bug will be fixed in the next couple of weeks.
They did have to rescript the firewall, for whatever reason it was pushed out but not verified. However you are correct about the Static IP range. I found them by forcing different dhcp address on other machines & the .2 - .16 was never issued so its solved for now.
Roland
Post Reply

Return to “Meetinghouse Internet”