WatchGuard Technologies WatchGuard SOHO and SOHO | tc manual Setting Up Your Soho Network

Page 23

CHAPTER 2 Setting Up Your

SOHO Network

How does a firewall work?

Fundamentally, a firewall is a way of differentiating between, as well as protecting, “us” from “them”. On the public side of your SOHO firewall is the entire Internet. The Internet has many resources that you want to be able to reach, such as the Web, e- mail, and conferencing. It also presents dangers to the privacy and security of your computers. On the private side of your SOHO firewall are all the devices you want to protect from these dangers.

Using rules we will discuss in Chapter 3: “Configuring Services for a SOHO” on page 33, the WatchGuard SOHO evaluates all traffic between the public network (Internet) and the private network (your computers) and blocks any suspicious activity. In order for this to work as described, you must first configure both the public and private network to work together and to talk to one another as well as the rest of the world.

User Guide 2.3

11

Image 23

Contents WatchGuard Soho User Guide Copyright and patent information Registration and identification informationUser Guide Iii WatchGuard Soho End-User License AgreementPage User Guide WatchGuard Limited Hardware Warranty User Guide Vii Welcome Redeeming Soho upgrade certificatesFollowing conventions are used throughout this guide Using this guidePage Table of Contents Additional Soho Features Before you begin InstallationPre-installation checklist Determine your current TCP/IP settings Performing manual installationOther operating systems Unix, Linux Microsoft Windows NT orMicrosoft Windows 95 or 98 or ME MacintoshDisable your browser’s Http proxy Internet Explorer Netscape 4.5 orCabling the Soho for one to four devices Physically connecting your SohoThis creates a connection between the Soho and the modem Cabling the Soho for more than four computers This creates a connection between the Soho and the modem Physically connecting your Soho How does a firewall work? Setting Up Your Soho NetworkNetwork addressing Configuring your public networkDouble-click the Network icon Configuring your public network Configuring the Soho public network for dynamic addressing Select the Obtain an IP address automatically option. Click Configuring the Soho public network for static addressingOn your computer Click Public Network On the SohoConfiguring Soho public network for PPPoE Click Automatically restore lost connections Release and renew the IP configurationConfiguring your private network Configure additional computers to the private network Select System Password Changing the Soho system name and passwordSelect System Administration Default factory settings Default factory settings Virtual Private Networking IPSec VPN is not installed Troubleshooting installation and network configurationHow do I change to a Dhcp private IP address? What do the on and Mode lights signify on the SOHO?Where are the Soho settings stored? How do I register my SOHO?How do I change to a static private IP address? How do I allow any incoming service?How do I allow incoming IP protocols? How do I set up and disable Web blocking?Click Services and then click Allowed Incoming Services VPN Management How do I set up VPN between two SOHOs?How do I reset the Soho to factory defaults? How do I reboot my SOHO?How do I set up my Soho for remote configuration? How do I get to the Soho Knowledge Base? Set a password on my unit, but I forgot it. Can you help?How do I install a Soho using a Macintosh? How does the seat limitation on the Soho work?How can I see the MAC address of my SOHO? What is a Soho feature key?Cant get a certain Soho feature to work with a DSL modem How do I register for Live Security?IP addresses Configuring Services for a SohoHow does information travel on the internet? Port number ServicesWatchGuard Soho services ProtocolNetwork address translation Allowing incoming servicesClick Add a Service Adding a pre-configured incoming serviceSelect Allowed Incoming Services Click Add Other TCP or UDP Service Creating a custom incoming serviceAdding an incoming TCP or UDP service Click Allowed Incoming Services. Click Add a ServiceClick Add Other Service Adding an incoming service with another type of protocolAdding the Any service Click Allowed Incoming Services Removing an incoming serviceClick Add Any Service Click Remove a Service Blocking outgoing servicesBlocking a TCP or UDP service Blocking an alternative protocol Select Blocked Outgoing ServicesClick Block TCP or UDP Service Click Blocked Outgoing ServicesClick Remove Blocked Service Removing a blocked outgoing serviceWhy create a virtual private network? Configuring Virtual Private NetworkingOne WatchGuard Soho with VPN and an IPSec-compliant Device What you will needIP Address Table example Step-by-step instructions for configuring a Soho VPN tunnel About Feature KeysObtaining a VPN Feature Key Enabling the VPN Feature KeySpecial considerations How do I connect three or four offices together? Frequently asked questionsWhy do I need a static public address? How do I get a static public IP address?OK, ping is not working How do I obtain a VPN Feature Key?How do I enable a VPN Tunnel? Frequently asked questions Socks for Soho Additional Soho FeaturesSoho Socks implementation Configuring your Socks application on the SohoDisabling Socks on the Soho Select Service OptionsClick System Information Setting a remote log hostSoho logging Viewing Soho log messagesSelect Remote Logging Rebooting a WatchGuard SohoClick System Administration Rebooting a WatchGuard Soho How WebBlocker works WatchGuard Soho WebBlockerBypassing the Soho WebBlocker Web site not in WebBlocker databaseWeb site in WebBlocker database WatchGuard WebBlocker database unavailableSelect Web Blocking Configuring the Soho WebBlockerPurchasing and enabling Soho WebBlocker WebBlocker categories Enter the full access passwordAlcohol/Tobacco Satanic/Cult Search Engines Click Check if the URL is on the CyberNOT List Searching for blocked sitesIndex Primary IP address 44 secondary IP address TCP UDP