Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1282 posts

Uber Geek
+1 received by user: 264


Topic # 180696 18-Sep-2015 10:04
Send private message

Hi there. Rather than hijack the thread below, I'm starting a new one  as this has differnet requirement

I'm after recommendations to replace a unreliable Vodafone Fibre modem , it has to be restarted occasionally (sometimes on the weekend unfortunately, so someone has to drive out there to do it)
New router wont need wifi, and would just be setup with a DMZ pointed to the firewall device


Vodafone sent out  HGF659 as a replacement: what a disaster. I set the DMZ to to point to the Hardware firewall: incoming email to the server (25)
worked, as did remote desktop(TS) . So these ports were correctly forwarded through the DMZ (to the firewall)
OWA, Remote Web Workplace & access to the company website were all blocked/not working
That HG659 had to come out quickly & the old flaky modem put back in.

Im guessing the HG659 is more of a home user modem/router ?

So any recommendations? I'd assume the aftermarket fibre modems would work with any ISP , in case the company changes internet provider.

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
2084 posts

Uber Geek
+1 received by user: 622

Subscriber

  Reply # 1389575 18-Sep-2015 10:09
Send private message

You don't need a modem with UFB. Could you not use your hardware firewall?

25821 posts

Uber Geek
+1 received by user: 5550

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1389576 18-Sep-2015 10:11
Send private message

Why are you using a router in front of a firewall/router and putting up with potential double NAT and not just hooking your router directly to the UFB connection?




 
 
 
 




1282 posts

Uber Geek
+1 received by user: 264


  Reply # 1389579 18-Sep-2015 10:18
Send private message

lxsw20: You don't need a modem with UFB. Could you not use your hardware firewall?


I was just about to ask that question. :-)
So what would be conceived as the 'modem/router', is really the box screwed into the wall with the fibre going into it.?
Or is that fibre box on the wall a direct internet connection , so to speak?

And the Voda 'router' is just a straight router ?
so that Voda router can be removed & connect the hardware firewall direct to the actual fibre device .

Would the WAN port on the router need to match the companies static IP, or is there some NATing in that wall fibre box ?


2084 posts

Uber Geek
+1 received by user: 622

Subscriber

  Reply # 1389582 18-Sep-2015 10:23
Send private message

Nope that's the ONT. The HG659 is a Router/Modem, but you only use the modem part with an xDSL connection. So with UFB you're just using it as a router. 

Depending on the firewall, it should be able to do a PPPoE auth and vlan tag and sort traffic routing for you. I would suggest getting someone familiar with that particular firewall  product in to sort it out for you. 



1282 posts

Uber Geek
+1 received by user: 264


  Reply # 1389754 18-Sep-2015 15:11
Send private message

Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers


2084 posts

Uber Geek
+1 received by user: 622

Subscriber

  Reply # 1389757 18-Sep-2015 15:16
Send private message

What is the current firewall? You should consider replacing that instead. 

25821 posts

Uber Geek
+1 received by user: 5550

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1389760 18-Sep-2015 15:17
One person supports this post
Send private message

1101: Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers



Your best solutions are to either replace the current router (what you call the "firewall") with some better or spend $40ish on hardware to enable that to stay by using VLAN tagging.

Another router sitting in front is not a solution. That's just a poor network setup.




1282 posts

Uber Geek
+1 received by user: 264


  Reply # 1390962 21-Sep-2015 09:25
Send private message

sbiddle:

 

1101: Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers



Your best solutions are to either replace the current router (what you call the "firewall") with some better or spend $40ish on hardware to enable that to stay by using VLAN tagging.

Another router sitting in front is not a solution. That's just a poor network setup.

 



what I called a firewall, IS a hardware firewall, not a router .
The FIREWALL doesnt support VLAN tagged, its too old, the newer versions (sonicwalls) do but are damn expensive .



1282 posts

Uber Geek
+1 received by user: 264


  Reply # 1390968 21-Sep-2015 09:33
Send private message

lxsw20: What is the current firewall? You should consider replacing that instead. 


Sonicwall .

Replacing/upgrading the sonicwall would be the best long term solution, but I dont think think that will happen due to cost .
Looks like a descent Draytek router isnt cheap either, but its not my choice on how much they are willing to spend .

Putting a router before the firewall isnt perfect, but to be honest , its really not that  different than ADSL conections having a modem/router before the firewall .


25821 posts

Uber Geek
+1 received by user: 5550

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1390974 21-Sep-2015 09:42
Send private message

1101:
sbiddle:
1101: Ok, the Hardware firewall doesnt support VLAN Tagging (too old I guess)

So looks like I'll need a recommendation for a router
Cheers



Your best solutions are to either replace the current router (what you call the "firewall") with some better or spend $40ish on hardware to enable that to stay by using VLAN tagging.

Another router sitting in front is not a solution. That's just a poor network setup.



what I called a firewall, IS a hardware firewall, not a router .
The FIREWALL doesnt support VLAN tagged, its too old, the newer versions (sonicwalls) do but are damn expensive .


So your firewall is doing no routing/NAT? That makes no sense and sounds like a very complex setup.







2134 posts

Uber Geek
+1 received by user: 710

Subscriber

  Reply # 1390975 21-Sep-2015 09:46
Send private message

Just do what Sbiddle says. The $40 piece of hardware he is referring to is probably a managed switch. Which you will setup to remove the VLAN tags. As currently you are running 2 routers. Meaning double NAT. Which is why you get weird problems with some things working and others not.





3778 posts

Uber Geek
+1 received by user: 222

Trusted

  Reply # 1390977 21-Sep-2015 09:50
Send private message

Fortigate 30D, 40D or 60D depending on your services requirements from the router. From what you have described a 40D will do the job.




Do whatever you want to do man.

  

25821 posts

Uber Geek
+1 received by user: 5550

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 1390983 21-Sep-2015 09:57
Send private message

Aredwood: Just do what Sbiddle says. The $40 piece of hardware he is referring to is probably a managed switch. Which you will setup to remove the VLAN tags. As currently you are running 2 routers. Meaning double NAT. Which is why you get weird problems with some things working and others not.


2nd hand managed switch or a cheap hAP Lite if you want to go down the Mikrotik route and only need 100Mbps. You're looking at a few $ more for a cheap Mikrotik with 1Gbps ports.




3384 posts

Uber Geek
+1 received by user: 389

Trusted

  Reply # 1391040 21-Sep-2015 10:33
Send private message

1101:
lxsw20: What is the current firewall? You should consider replacing that instead. 


Sonicwall .

Replacing/upgrading the sonicwall would be the best long term solution, but I dont think think that will happen due to cost .
Looks like a descent Draytek router isnt cheap either, but its not my choice on how much they are willing to spend .

Putting a router before the firewall isnt perfect, but to be honest , its really not that  different than ADSL conections having a modem/router before the firewall .



Are you 100% sure you are not using any routing function on it? What are its WAN IP and the LAN IP ranges?

I have heard that the Ubiquiti router is relatively easy to setup and not too expensive. I have mikrotik and its super complex so wouldn't suggest you touch that stuff.





3786 posts

Uber Geek
+1 received by user: 1880

Lifetime subscriber

  Reply # 1391063 21-Sep-2015 11:07
Send private message

Zeon: ... I have heard that the Ubiquiti router is relatively easy to setup and not too expensive. I have mikrotik and its super complex so wouldn't suggest you touch that stuff.


I have a Ubiquiti EdgeRouter Lite - it works well on a fast cable connection and was not expensive.
"Relatively easy to setup" is optimistic in my view - it took me many hours of research and trial-and-error to set up and I hope that I never, ever, need to change anything ever again undecided

"The bottom line is that this is not a router that the average router buyer should even consider. It is poorly documented, difficult to set up and will test your patience unless you have experience with the Linux command line, understand routing mechanics and know what router interfaces are and how to use them. Not to mention that it has only, at best, two LAN ports, if you are willing to delve into the command line to bridge the two. So you'll probably need to buy a Gigabit switch to go along with it."

In the end I downloaded some configuration files from here - they worked.




Sideface


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New Zealand hits peak broadband data
Posted 18-Jan-2018 12:21


Amazon Echo devices coming to New Zealand early February 2018
Posted 18-Jan-2018 10:53


$3.74 million for new electric vehicles in New Zealand
Posted 17-Jan-2018 11:27


Nova 2i: Value, not excitement from Huawei
Posted 17-Jan-2018 09:02


Less news in Facebook News Feed revamp
Posted 15-Jan-2018 13:15


Australian Government contract awarded to Datacom Connect
Posted 11-Jan-2018 08:37


Why New Zealand needs a chief technology officer
Posted 6-Jan-2018 13:59


Amazon release Silk Browser and Firefox for Fire TV
Posted 21-Dec-2017 13:42


New Chief Technology Officer role created
Posted 19-Dec-2017 22:18


All I want for Christmas is a new EV
Posted 19-Dec-2017 19:54


How clever is this: AI will create 2.3 million jobs by 2020
Posted 19-Dec-2017 19:52


NOW to deploy SD-WAN to regional councils
Posted 19-Dec-2017 19:46


Mobile market competition issues ComCom should watch
Posted 18-Dec-2017 10:52


New Zealand government to create digital advisory group
Posted 16-Dec-2017 08:47


Australia datum changes means whole country moving 1.8 metres north-east
Posted 16-Dec-2017 08:39



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.