SnapGear 1.7.8 manual Getting started, Static IP reset

Page 15

2. Getting started

Your SnapGear appliance provides a secure, simple gateway to connect PCs and other devices on your local network to the outside world. This chapter provides step-by-step instructions for connecting the SnapGear appliance to your LAN. The procedures in this section expand on the steps in the SnapGear Quick Install Guide, which you may prefer to use if you are in a hurry.

If you are connecting the SnapGear appliance to an established LAN, use a standard Ethernet cable to connect the SnapGear LAN port to a spare port on the network’s hub. If you are connecting your SnapGear appliance to a single PC, use the provided Ethernet crossover cable to interconnect them directly. In the case of the SnapGear LITE+ and LITE2+, use a standard Ethernet cable to connect any one of its four LAN switch ports to a single PC, or an Ethernet crossover cable to connect to another hub.

The SnapGear appliance comes with an in-built DHCP server that can automatically assign IP addresses to other devices on the network. If you have an existing network, you may already have an active DHCP server and the PCs and devices on the network may already have IP addresses assigned. To simplify the installation in existing networks, the SnapGear appliance ships without an initial IP address and without the DHCP server activated by default.

If your network does not have an active DHCP server, it is recommended that you take advantage of using the SnapGear appliance as a DHCP server and setup the PCs on your network to dynamically receive TCP/IP configuration information.

Static IP reset

Although it is not the default behaviour, it is also possible to boot the SnapGear appliance with an initial, static IP address of 192.168.0.1 (netmask 255.255.255.0). While the SnapGear appliance is running (i.e. System/TST/Heart Beat is blinking), press the black RESET button twice within 3 seconds.

Note that this will reset any existing configuration options back to their factory defaults. Additionally, your network must (at least initially) be on the 192.168.0.0/255.255.255.0 subnet, as per step 6 of New Networks.

12

Getting started

Image 15

Contents Rev May 2nd Table of contents Virtual Private Networking Introduction Term Meaning TerminologyLAN TCP/IP Document conventionsStep Chapter Installing and configuring your SnapGear applianceYour SnapGear appliance LEDsLabel Activity Description SnapGear appliance back panels Network interconnections Software features SnapGear appliance featuresInternet link features LAN link featuresDial-in connection features Environmental features Getting started Static IP reset10.0.0.0 10.255.255.255 10/8 prefix New Networks192.168.0.0 192.168.0.255 192.168.0/24 prefix Configuring the SnapGear appliance on your network Page Set up IP addresses Multiple SnapGear appliances were found on the network Your SnapGear appliance was found on the networkYour SnapGear appliance needs an IP address SnapGear Management Console web administration pages Administrative passwordUsing linsetip Initial setup using LinuxPing -b subnet broadcast address Arp -a Using an existing local Dhcp or Bootp serverEdit the /etc/inetd.conf file Configuring a new local Dhcp or Bootp serverSnapGear Quick Setup LAN port quick setup LAN port quick setupISP connection quick setup ISP connection quick setupGetting started Configuring the PCs on your network TCP/IP properties Physically connect modem device Connecting to the InternetSelect Internet connection Connect to Internet cable modemConnect to Internet Adsl Connect to Internet modem Connect to Internet directField Description ISP. The Password and Confirm Password fields mustInternet failover Advanced configuration optionFollowing figure shows the failover configuration screen Failed connection Establishing the connection Configure PCs to use SnapGear appliance Internet gatewayDial-in server configuration Dial-in server configuration Dial-in setup Dial-in setupField Description Dial-in user account creation Dial-in user accountsFollowing figure shows the user maintenance screen Account list Dial-in password errorFor Windows 95 and Windows Remote user configurationServer types Connect to dialogue box WindowsClick Next to continue 11 Connection availability 13 Remote access login screen IP configuration Network configurationNetwork configuration Advanced IP configuration Advanced IP configurationNetwork configuration Dhcp server Dhcp server configurationNetwork configuration Advanced networking Traffic shapingAdditional routes Firewall Incoming accessIncoming access configuration Incoming access administration servicesConfigure external access to services External access to servicesPort forwarding Port forwarding configurationSecurity group classes configuration Outgoing accessFirewall rules Outgoing access settingsIntrusion detection and blocking Intrusion detection and blocking configurationPage Content filtering Content filtering Filtering Level Description Filtering levels and reportingVirtual Private Networking 1VPN tunneling using the Pptp serverPptp client setup Pptp client configuration Pptp server setup Pptp server setup Enable and configure the Pptp VPN serverField Description 4PPTP VPN server accounts screen Configuring user accounts for VPN serverVirtual Private Networking VPN Pptp IP address Configuring the remote VPN clientVirtual Private Networking Windows 95 and Windows VPN client setupYour VPN client is now set up correctly Windows NT Network and dial-up connections This displays the Destination Address window Connecting the remote VPN client 12 IPSec setup IPSec setup13 Add new IPSec connection Virtual Private Networking 14 Automatic keying setup Technique Description Aggressive mode phase 1 settingsIPSec interoperability Password SystemTime server Advanced DiagnosticsReset button Flash upgradeTechnical support Technical supportLED Pattern Status Action Appendix a LED status patternsAppendix B System Log Access LoggingPpp Default DenyEth0 Eth1Creating Custom Log Rules Forward Iptables -I Forward -j LOG -i eth+ -o eth+ -p tcp Rate Limiting Administrative Access LoggingBoot Log Messages