WatchGuard X500 Configuration
I just completed configuring for X500. I got all 6 ports configured.
Port 1 - WAN
Port 2 - LAN - Internal LAN 1 - 192.168.1x.xx
Port 3 - OPT1 - Internal LAN 2 - 192.168.1x.xx Wireless AP
Port 4 - OPT2 - Internal LAN 3 - 192.168.1x.xx Wireless AP2
Port 5 - OPT3 - MY Workstation - 192.168.1x.xx Workstation
Port 6 - OPT4 - Bridged to OPT3 - 192.168.1x.xx HP Deskjet Printer
I have 4 ports that can be used between the two wireless APs. I am planning to turn on the Captive Portal on AP2. I got family comming and trying to easy the connection of 4 to 6 additioanl laptops.
Does this make sense? I hooked up my workstation and printer direct to the x500. I bridged the two ports toghthor and everything is working like a champ. I am running DHCP on all segments. I am working on wrapping up the final configuratioin. Can anyone make any recommendations?
I too have just got my firebox up and running and installed.
So far it seems good.
Are you using four instances of DHCP server?
I am trying to craft a firewall rule to allow only traffic to the internet from my wifi interface. I.e. blocked from any other interface except WAN. However I'm can't see how to do it other than setting a whole series of rules to block traffic to the other interfaces. I have 10 interfaces so the number of rules quickly stack up!
It seems I can only allow connection to the WAN IP.
I'm running 1.2.3-release embedded.
Any suggestions greatly appreciated.
Ah, found an answer in the forum.
Setup an alias LOCAL 192.168.0.0/16
Then use allow WIFI -> !LOCAL
Job done! :)
Edit: Spoke too soon. Doesn't seem to work, though I think this is the way to go.
Edit again: Obvious really but the above rule blocks access to the DNS forwarding service so you have to add another rule to allow that. e.g.
allow WIFI subnet -> WIFI address port 53 TCP/UDP
I have DHCP Server running on 5 of my 6 interfaces. None of my interfaces are bridged at this time.