Preconfigure for unknown WAN

Security Gateway Discussions
Post Reply
nazimshah
Posts: 12
Joined: 16 Jul 2010, 06:17

Preconfigure for unknown WAN

Post by nazimshah » 20 May 2011, 00:32

Hi,

Just to be clear upfront, our SG box is on a vessel.

I'm currently in need to configure our SG to be put in what can be consider as unknown WAN environment. We already decided our LAN subnet will be 192.168.1.0/24. So the LAN portion has been properly configured. As of now the firewall become a gateway for our LAN with wireless broadband plug in the WAN interface (temporary internet connectivity). This works well for now.

As of now, we still don't have any detail at all how the network will look like at the vessel final destination. As far as information gathered:
1. Our network will be connected to our client MPLS/IPVPN network
2. Access to and from client network must be without any changes to their infrastructure

The way I see, I need to have SG on transparent and using DHCP IP. Without knowing the network detail of our client, can any configuration be done? Any advise what to do, we plan to test it out using the wireless broadband acting as another network

Peter
Posts: 668
Joined: 10 Apr 2008, 14:14
Location: Clavister HQ - Örnsköldsvik

Re: Preconfigure for unknown WAN

Post by Peter » 01 Jun 2011, 09:10

Hello.

Without knowing at least some details as how the Wan connection will look like it is almost impossible to pre-configure the system.

A. If static routing you need to have the IP/Gateway/network information in order to set it up.
B. If dynamic routing to need to know that in order for you to configure the DHCP client.

Hopefully it is scenario B, as preconfiguring the system is possible. Then you can enable the DHCP client, make some normal rules for external access, when you insert it into the network it should get all the required information from the DHCP server to enable external access.

Best regards
/Peter

Post Reply