Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 [2]

Author Topic: ISP / Modem To Hardware Firewall Connection Method.  (Read 3424 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #15 on: April 17, 2020, 04:09:02 PM »

I agree that most people won’t have any need for such fixed address assignments and so for them and for most people they are quite unnecessary, as Carl says. However I am not most people. I actually use these addresses, but I won’t debate this here because it’s getting off topic and you probably aren’t that interested in what I get up to in my own network. I wouldn’t pay extra for a whole block of addresses that I don’t need; my address block is foc.

Best.  :)
Logged

niemand

  • Kitizen
  • ****
  • Posts: 1836
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #16 on: April 17, 2020, 05:44:10 PM »

Not going to disagree that you use them, just that there's no need for most of them to be publicly routable. Again Kindles, etc, are fine with NAT. :)

Which leads onto the original question. Is the /29 necessary, are there alternatives which are more robust if the worst happens?

Micromanagement of the home network is a hobby, not something that anyone should need to do. Firewall rules as far as generic Internet access goes should be per interface and stateful and something is quite broken if they aren't.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #17 on: April 17, 2020, 08:29:40 PM »

I didn’t mean I just use the addresses, I expressed myself poorly. I do need them to be publicly routable, for various reasons, but this is now off topic.
Logged

niemand

  • Kitizen
  • ****
  • Posts: 1836
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #18 on: April 17, 2020, 10:59:11 PM »

Indeed. Please do start your own thread so that we can discuss this further. I am very interested in what you might be doing that needs a /26 of publicly routable IP addresses - entire head offices of hundreds of people manage on a /29 or less  :)
Logged

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #19 on: April 18, 2020, 10:50:00 AM »

Thanks for the reply's  :)

I do agree it is too complicated for our needs now, I will start another thread.

My 'Business connection' came about from a business that we where going to do but never materialised, I do not pay any more for the set of Six IP address's, my unlimited ADSL2 connection is £16.69 a month .

--------------------------------------------------
Just to make clear the above question is referring to 'Public' side of the Firewall Not the Private LAN side.

 
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 4300
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #20 on: April 18, 2020, 03:31:58 PM »

If there's a desire to keep addresses static within that for limited purposes DHCP reservation is a much better idea than configuring each device statically.

I may getting hold of the wrong end of the stick here, but I personally find it much better to set my static addresses on the device rather than via DHCP, I have a printer, two PC's and a home server which have static IP addresses. I used to do it in the router but it was such a faff every time I changed the router.
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

niemand

  • Kitizen
  • ****
  • Posts: 1836
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #21 on: April 18, 2020, 11:05:27 PM »

On a couple of things sure but most definitely not everything which was my main point.
Logged

Alex Atkin UK

  • Addicted Kitizen
  • *****
  • Posts: 5260
    • Thinkbroadband Quality Monitors
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #22 on: April 19, 2020, 04:49:41 PM »

I may getting hold of the wrong end of the stick here, but I personally find it much better to set my static addresses on the device rather than via DHCP, I have a printer, two PC's and a home server which have static IP addresses. I used to do it in the router but it was such a faff every time I changed the router.

Its generally expected you're going to change the clients more often than the router.

Its just so much easier to have all configuration in one place, especially when port forwarding.  Its why I was so annoyed that IPv6 seemed to take away this control, at least on the Xbox One which changes its UUID every boot.
Logged
Broadband: Zen Full Fibre 900 + Three 5G Routers: pfSense (Intel N100) + Huawei CPE Pro 2 H122-373 WiFi: Zyxel NWA210AX
Switches: Netgear MS510TXUP, Netgear MS510TXPP, Netgear GS110EMX My Broadband History & Ping Monitors

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #23 on: April 20, 2020, 12:39:59 PM »

[quote]
I may getting hold of the wrong end of the stick here, but I personally find it much better to set my static addresses on the device rather than via DHCP, I have a printer, two PC's and a home server which have static IP addresses. I used to do it in the router but it was such a faff every time I changed the router.
[/quote]

Sorry to say but yes your are.

That is on the LAN side of the modem/router (the 'private' safe side) !.

My hardware fire wall has the capability to to connect to my ISP's equipment via the three methods in my post #1
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

d2d4j

  • Kitizen
  • ****
  • Posts: 1103
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #24 on: April 20, 2020, 02:09:52 PM »

Hi tickmike

Sorry your thread went slightly off topic and ronski was asking over best way for dhcp on lan side

I would think most routers/firewalls have all connections listed but generally only 1 would work with isp. The other connections listed are for if firewall connects to say an independent router

Many thanks

John
Logged

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #25 on: April 23, 2020, 02:59:41 PM »

Getting Back to my question, I have looked at the settings of my HG612 for my ADSL connection.

You can see EoA is set, but my firewall I have set PPPoE to connect, the firewall sends the my isp log in details not the modem.

So how does this work ? is the HG612 a PPPoE-to-PPPoA converting modem ?,
so would that be PPPoEoA ?.
see
https://en.wikipedia.org/wiki/Point-to-Point_Protocol_over_Ethernet scole down to 'PPPoE-to-PPPoA converting modem' .

Why am I interested in this, since updating my firewall some time ago there is a problem that if we get a power cut or I re-boot the firewall it Does Not connect back to the internet and I have to manually reset some of the rules.
(the smoothwall guys on there forum are not helping me with it) .

I re.booted the firewall and got this error message ''The RED device is not active. Cannot determine the red device type at this time.'' 
Note .. RED is my connection from the HG612 !.
I am looking for any delays in this connection coming up.

The PPP log =

 14:37:10 pppoe Sent PADT

14:37:13 pppd Exit.

14:37:17 pppd pppd 2.4.7 started by root, uid 0

14:37:17 pppd Using interface ppp0

14:37:17 pppd Connect: ppp0 <--> /dev/pts/0

14:37:22 pppoe PPP session is 3956 (0xf74)

14:37:23 pppd CHAP authentication succeeded: CHAP authentication success, unit 1784

14:37:23 pppd CHAP authentication succeeded

14:37:23 pppd local IP address 82.152.x.x

14:37:23 pppd remote IP address 82.153.x.x

14:37:23 pppd primary DNS address 212.104.x.x

14:37:23 pppd secondary DNS address 212.104.x.x

So to me it looks like it is coming up ok.

Any ideas ?.
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

aesmith

  • Kitizen
  • ****
  • Posts: 1216
Re: ISP / Modem To Hardware Firewall Connection Method.
« Reply #26 on: May 18, 2020, 02:10:05 PM »

Normal practice would be to configure PPPoE on your firewall.  No configuration is then needed on the modem.
Logged
Pages: 1 [2]
 

anything