Already setup firewall (computer with 2 nics)

Philippine Mango

Diamond Member
Oct 29, 2004
I have a WAN router that lets you hook up a cable/DSL modem to it so you can share an internet connection, and I've decided it wasn't sufficient for my needs, so I created a Linux firewall. I now have it set up with 2 NICs and I am able to get online because I have the 2nd NIC outputting into the router. The router and the new firewall support port forwarding and other management schemes, and I'm wondering if I should disable the DHCP server on the router and just use the one on the firewall. I noticed when I first had the firewall, it didn't work with the router until I enabled the DHCP server, so I'm wondering if my network will work if I disable the DHCP server.

1. If you disable the DHCP server on the router, will the DHCP server on the firewall take over all routing commands and the "router" will just be used for ports?
2. I can't get a simple hub because this router supports WiFi, which I require, so I'm wondering: if I disable the DHCP server on the router, will the firewall take over that role for WiFi as well?
 

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
On a regular system with entry-level hardware, a router is the "link" between two networks.

A Cable/DSL Router "mediates" between the WAN (External IP) and the LAN (Private IP).

If you go ahead and set it up the way you describe, you are going to have two LANs.

One LAN would be comprised of the Cable/DSL Router, the Wireless Clients, and the NIC in the software Firewall/Router that is on the Cable/DSL Router side. You would have to keep the DHCP on, or assign static IPs for the Wireless clients and the one NIC in the software Router.

The second LAN would be comprised of the second NIC in the Firewall box and everything past it. Using the software Router and its DHCP you will be able to assign IPs, but they cannot be of the same scheme as the ones on the Cable/DSL Router; they have to be on a different IP scheme than the first LAN.

As an example: IPs of the 1st LAN 192.168.1.x, IPs on the 2nd LAN 192.168.2.x.

If set correctly you will be able to connect to the Internet from both LANs. However, LAN information (Printers and File sharing) will work from the first LAN to the second but not from the second to the first.

:sun:
 

Philippine Mango

Problem is, I'm wondering if I'm going to have routing issues. I'm assuming that since my DHCP assignments are going towards the Cable/DSL router and the router "picks up" a number, I should forward all ports to that IP. Then on the router, forward those ports to wherever I need?
 

Wik

Platinum Member
Mar 20, 2000
Turn off DHCP in your router. Plug the Linux firewall into a regular port on the router. Do not use the WAN port at all. Basically you are using the router as a WiFi access point and a 4-port switch.
 

Philippine Mango

What about the uplink port? Should I plug it into there, or is it just for the router to "uplink" into another router's "butt"?
 

Wik

In your case, the uplink is not what you want to use.

Also, along with shutting off the DHCP server in the WiFi router, you should also change the LAN IP to something that fits your current network (I would set it outside of your Linux DHCP pool, but in the same subnet). For example, in your firewall, set the DHCP to 192.168.0.2 - 192.168.0.32 and set the LAN IP on the WiFi to 192.168.0.33. This way you can still log into the WiFi to change the encryption once a week or whatever.
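An added example, not part of any post in this thread: a small Python check of an addressing plan like the ones discussed above (a static address in the same subnet but outside the DHCP pool, and two LANs on different schemes). The /24 masks, the firewall LAN address 192.168.0.1 and the host names are assumptions made for the illustration.

```python
import ipaddress

def check_plan(subnet, pool_start, pool_end, static_hosts, other_lans=()):
    """Return a list of problems with a LAN addressing plan (empty list = OK)."""
    net = ipaddress.ip_network(subnet)
    lo, hi = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
    reserved = (net.network_address, net.broadcast_address)
    problems = []
    if lo > hi:
        problems.append("DHCP pool start is above pool end")
    for edge in (lo, hi):
        if edge not in net or edge in reserved:
            problems.append(f"pool edge {edge} is not a usable host in {net}")
    seen = {}
    for name, addr in static_hosts.items():
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            # e.g. an access point left on its factory LAN address
            problems.append(f"{name} ({ip}) is outside {net}")
        elif ip in reserved:
            problems.append(f"{name} ({ip}) is a network/broadcast address")
        elif lo <= ip <= hi:
            # DHCP could lease this address to a client: conflict
            problems.append(f"{name} ({ip}) is inside the DHCP pool")
        if ip in seen:
            problems.append(f"{name} and {seen[ip]} share {ip}")
        seen.setdefault(ip, name)
    for other in other_lans:
        # Two routed LANs must not use overlapping ranges
        if net.overlaps(ipaddress.ip_network(other)):
            problems.append(f"{net} overlaps {other}")
    return problems

# Single-LAN plan: pool .2-.32, access point at .33 (firewall at .1 is assumed)
SINGLE_LAN = dict(subnet="192.168.0.0/24", pool_start="192.168.0.2",
                  pool_end="192.168.0.32",
                  static_hosts={"firewall-lan": "192.168.0.1",
                                "wifi-ap": "192.168.0.33"})

if __name__ == "__main__":
    print(check_plan(**SINGLE_LAN) or "plan OK")
    # Constructed bad plan: access point placed inside the pool
    bad = dict(SINGLE_LAN, static_hosts={"wifi-ap": "192.168.0.20"})
    print(check_plan(**bad))
    # Two-LAN layout: second LAN 192.168.2.x behind a first LAN 192.168.1.x
    print(check_plan("192.168.2.0/24", "192.168.2.10", "192.168.2.50", {},
                     other_lans=["192.168.1.0/24"]) or "no overlap")
```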