Installing RedRak for use with a xDSL (ADSL, SDSL, etc) or cable modem connection.
Installation Guidelines
The following are instructions for using the RedRak Firewall/Router product to set up a RedRak which will be connected to a cable or DSL modem. One of the NICs is the connection from your provider (will be referred to as the external NIC). The other NIC (internal NIC) will be the interface to your internal network (it will use non-routable addresses, 192.168.1.1/255.255 .255.0). Once you have this configuration properly set up, it will allow your client machines on your internal network to reach the Internet.
- Physically remove the Ethernet Card (Network Interface Card or NIC) which is connected to your cable or DSL modem. This will make installation simpler because you will not need to know the MAC (Media Access Control) address of your NICs. This leaves only your internal NIC. During installation, you will be asked for the type of IP address you wish to assign to your Ethernet card; choose the option "1) Static (fixed) IP Address." If you have an internal network which already uses a non-routable IP address, enter an address from this network as the fixed IP address of the RedRak. If you currently do not have an internal network, or if your internal network is using routable addresses, assign the RedRak the IP address of 10.1.1.1/255.0.0.0 or 192.168.1.1/255.255.255.0. If you are using routable IP addresses, you will need to reconfigure all of the client machines to use the non-routable address. (Technically, you can use any legal IP address on you internal network, but life will be easier if you use a non-routable one.)
- Once the RedRak has successfully installed and shutdown, re-insert your NIC card which attached to your DSL or cable modem. Turn on your RedRak.
Now go to a client machine on your network. Remember, you must have the network configuration set up so that it can communicate with the RedRak. If you have never configured your client, you will need to set up TCP/IP so that it's on the same network as the RedRak's internal NIC card. Refer to your client's operating system help for how to do this. Make sure your client is configured before proceeding with "External NIC Configuration."
External NIC Configuration
Go to Home|Network|Interfaces.
Click the Edit Pencil on the "external NIC." The following settings
are required:
- Click select Enable This Interface.
- Click select Enable IP Network Address Translation (NAT). This allows all traffic from your internal network to appear that it is coming from your RedRak Firewall.
- Select Obtain Netmask and IP Address via DHCP. This will allow the card to be configured with the correct IP address and netmask.
- Click STORE
- Commit these changes.
Go to Home|Network|Routing
- Check Use IP Address for Default Router
- Enter the IP address of your default router. This information can be obtained from your ISP.
- Click STORE
- Commit these changes.
Go to Home|Network|Domains. When you installed, you may have used the same domain name as your provider to setup your RedRak this is ok, but you need to make sure that you are NOT the primary domain name server for that domain. Click the Edit Pencil for this domain
- Un-Check Act as the Primary Name Server for this Domain
- Click STORE
- Commit these changes.
Go to Home|Network|DNS. In order for your clients to resolve names outside of your network you will need to do the following.
- Check Allowed to use InterNIC
- Click STORE
- Commit these changes.
Configuring Your Client Machines
Setting up your client machines correctly is important in order for them to correctly reach outside of your network.
- If you setup your internal NIC at 192.168.1.1/255.255.255.0, you will need to make sure that your client machines are setup to be in the same network. So, a client machine should have an IP/netmask of 192.168.1.2/255.255.255.0, and another client machine could be setup as 192.168.1.3/255.255.255.0.
- It is also important that your client machines point to the correct router (or gateway) and DNS. Both of these (router and DNS) need to be set to your internal NIC (in this case 192.168.1.1).
Note:
Remember, that in your two NIC setup, the external NIC that is the connection
to your provider is the interface that has NAT enabled and any Firewall
rules setup on it. The internal NIC you do NOT enable NAT and
you do NOT setup Firewall rules. Also, make sure that your
clients can get out to the Internet before setting up you Firewall rules.
<Back>