Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1086 posts

Uber Geek
+1 received by user: 216


Topic # 180696 18-Sep-2015 10:04
Send private message

Hi there. Rather than hijack the thread below, I'm starting a new one  as this has differnet requirement

I'm after recommendations to replace a unreliable Vodafone Fibre modem , it has to be restarted occasionally (sometimes on the weekend unfortunately, so someone has to drive out there to do it)
New router wont need wifi, and would just be setup with a DMZ pointed to the firewall device


Vodafone sent out  HGF659 as a replacement: what a disaster. I set the DMZ to to point to the Hardware firewall: incoming email to the server (25)
worked, as did remote desktop(TS) . So these ports were correctly forwarded through the DMZ (to the firewall)
OWA, Remote Web Workplace & access to the company website were all blocked/not working
That HG659 had to come out quickly & the old flaky modem put back in.

Im guessing the HG659 is more of a home user modem/router ?

So any recommendations? I'd assume the aftermarket fibre modems would work with any ISP , in case the company changes internet provider.

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
1989 posts

Uber Geek
+1 received by user: 580

Subscriber

  Reply # 1389575 18-Sep-2015 10:09
Send private message

You don't need a modem with UFB. Could you not use your hardware firewall?

25072 posts

Uber Geek
+1 received by user: 4956

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 1389576 18-Sep-2015 10:11
Send private message

Why are you using a router in front of a firewall/router and putting up with potential double NAT and not just hooking your router directly to the UFB connection?




 
 
 
 




1086 posts

Uber Geek
+1 received by user: 216


  Reply # 1389579 18-Sep-2015 10:18
Send private message

lxsw20: You don't need a modem with UFB. Could you not use your hardware firewall?


I was just about to ask that question. :-)
So what would be conceived as the 'modem/router', is really the box screwed into the wall with the fibre going into it.?
Or is that fibre box on the wall a direct internet connection , so to speak?

And the Voda 'router' is just a straight router ?
so that Voda router can be removed & connect the hardware firewall direct to the actual fibre device .

Would the WAN port on the router need to match the companies static IP, or is there some NATing in that wall fibre box ?


1989 posts

Uber Geek
+1 received by user: 580

Subscriber

  Reply # 1389582 18-Sep-2015 10:23
Send private message

Nope that's the ONT. The HG659 is a Router/Modem, but you only use the modem part with an xDSL connection. So with UFB you're just using it as a router. 

Depending on the firewall, it should be able to do a PPPoE auth and vlan tag and sort traffic routing for you. I would suggest getting someone familiar with that particular firewall  product in to sort it out for you. 



1086 posts

Uber Geek
+1 received by user: 216


  Reply # 1389754 18-Sep-2015 15:11
Send private message

Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers


1989 posts

Uber Geek
+1 received by user: 580

Subscriber

  Reply # 1389757 18-Sep-2015 15:16
Send private message

What is the current firewall? You should consider replacing that instead. 

25072 posts

Uber Geek
+1 received by user: 4956

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 1389760 18-Sep-2015 15:17
One person supports this post
Send private message

1101: Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers



Your best solutions are to either replace the current router (what you call the "firewall") with some better or spend $40ish on hardware to enable that to stay by using VLAN tagging.

Another router sitting in front is not a solution. That's just a poor network setup.




1086 posts

Uber Geek
+1 received by user: 216


  Reply # 1390962 21-Sep-2015 09:25
Send private message

sbiddle:

 

1101: Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers



Your best solutions are to either replace the current router (what you call the "firewall") with some better or spend $40ish on hardware to enable that to stay by using VLAN tagging.

Another router sitting in front is not a solution. That's just a poor network setup.

 



what I called a firewall, IS a hardware firewall, not a router .
The FIREWALL doesnt support VLAN tagged, its too old, the newer versions (sonicwalls) do but are damn expensive .



1086 posts

Uber Geek
+1 received by user: 216


  Reply # 1390968 21-Sep-2015 09:33
Send private message

lxsw20: What is the current firewall? You should consider replacing that instead. 


Sonicwall .

Replacing/upgrading the sonicwall would be the best long term solution, but I dont think think that will happen due to cost .
Looks like a descent Draytek router isnt cheap either, but its not my choice on how much they are willing to spend .

Putting a router before the firewall isnt perfect, but to be honest , its really not that  different than ADSL conections having a modem/router before the firewall .


25072 posts

Uber Geek
+1 received by user: 4956

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 1390974 21-Sep-2015 09:42
Send private message

1101:
sbiddle:
1101: Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers



Your best solutions are to either replace the current router (what you call the "firewall") with some better or spend $40ish on hardware to enable that to stay by using VLAN tagging.

Another router sitting in front is not a solution. That's just a poor network setup.



what I called a firewall, IS a hardware firewall, not a router .
The FIREWALL doesnt support VLAN tagged, its too old, the newer versions (sonicwalls) do but are damn expensive .


So your firewall is doing no routing/NAT? That makes no sense and sounds like a very complex setup.







1633 posts

Uber Geek
+1 received by user: 494

Subscriber

  Reply # 1390975 21-Sep-2015 09:46
Send private message

Just do what Sbiddle says. The $40 piece of hardware he is referring to is probably a managed switch. Which you will setup to remove the VLAN tags. As currently you are running 2 routers. Meaning double NAT. Which is why you get weird problems with some things working and others not.





3727 posts

Uber Geek
+1 received by user: 203

Trusted

  Reply # 1390977 21-Sep-2015 09:50
Send private message

Fortigate 30D, 40D or 60D depending on your services requirements from the router. From what you have described a 40D will do the job.




Do whatever you want to do man.

  

25072 posts

Uber Geek
+1 received by user: 4956

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 1390983 21-Sep-2015 09:57
Send private message

Aredwood: Just do what Sbiddle says. The $40 piece of hardware he is referring to is probably a managed switch. Which you will setup to remove the VLAN tags. As currently you are running 2 routers. Meaning double NAT. Which is why you get weird problems with some things working and others not.


2nd hand managed switch or a cheap hAP Lite if you want to go down the Mikrotik route and only need 100Mbps. You're looking at a few $ more for a cheap Mikrotik with 1Gbps ports.




3351 posts

Uber Geek
+1 received by user: 373

Trusted

  Reply # 1391040 21-Sep-2015 10:33
Send private message

1101:
lxsw20: What is the current firewall? You should consider replacing that instead. 


Sonicwall .

Replacing/upgrading the sonicwall would be the best long term solution, but I dont think think that will happen due to cost .
Looks like a descent Draytek router isnt cheap either, but its not my choice on how much they are willing to spend .

Putting a router before the firewall isnt perfect, but to be honest , its really not that  different than ADSL conections having a modem/router before the firewall .



Are you 100% sure you are not using any routing function on it? What are its WAN IP and the LAN IP ranges?

I have heard that the Ubiquiti router is relatively easy to setup and not too expensive. I have mikrotik and its super complex so wouldn't suggest you touch that stuff.





3542 posts

Uber Geek
+1 received by user: 1619

Subscriber

  Reply # 1391063 21-Sep-2015 11:07
Send private message

Zeon: ... I have heard that the Ubiquiti router is relatively easy to setup and not too expensive. I have mikrotik and its super complex so wouldn't suggest you touch that stuff.


I have a Ubiquiti EdgeRouter Lite - it works well on a fast cable connection and was not expensive.
"Relatively easy to setup" is optimistic in my view - it took me many hours of research and trial-and-error to set up and I hope that I never, ever, need to change anything ever again undecided

"The bottom line is that this is not a router that the average router buyer should even consider. It is poorly documented, difficult to set up and will test your patience unless you have experience with the Linux command line, understand routing mechanics and know what router interfaces are and how to use them. Not to mention that it has only, at best, two LAN ports, if you are willing to delve into the command line to bridge the two. So you'll probably need to buy a Gigabit switch to go along with it."

In the end I downloaded some configuration files from here - they worked.




Sideface


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Nothing nebulous about Microsoft’s cloud-transition
Posted 21-Jul-2017 15:34


We’re spending more on tech, but not as much as Australians
Posted 21-Jul-2017 11:43


Endace announces EndaceFabric for network-wide packet recording
Posted 20-Jul-2017 20:49


Acorn 6: MacOS image editing for the rest of us
Posted 20-Jul-2017 17:04


HTC faces backlash over keyboard pop-up ads
Posted 19-Jul-2017 15:53


BNZ adds Visa credit cards to Android Pay wallet
Posted 18-Jul-2017 19:44


Still living in a Notification hell – Om Malik
Posted 18-Jul-2017 13:00


Duet Display uses iPad to extend Mac, PC
Posted 18-Jul-2017 10:58


PC sales could be worse
Posted 17-Jul-2017 07:34


Crypto-currencies, tulips, market bubbles
Posted 17-Jul-2017 06:38


NZ Tech Podcast: Big batteries, solar cars, cold war, IoT
Posted 16-Jul-2017 16:53


Vodafone Australia mulls Wisp alliance, NZ implications
Posted 13-Jul-2017 16:49


Rural health professionals see fibre pay-off
Posted 13-Jul-2017 11:52


Vodafone announces expansion of $5 Daily Roaming
Posted 13-Jul-2017 10:20


Intel unveils powerful Intel Xeon Scalable processors
Posted 12-Jul-2017 20:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.