Setting up a drop-in network – WatchGuard Technologies FireboxTM System 4.6 User Manual

Page 46

Advertising
background image

Setting up a drop-in network

36

The QuickSetup wizard also writes a basic configuration file called

wizard.cfg

to the hard disk of the Management Station. If you later want to expand

or change the basic Firebox configuration using Policy Manager, use

wizard.cfg

as

the base file to which you make changes.

You can run the QuickSetup wizard again at any time to a create new, basic
configuration file.

To run the QuickSetup wizard:

1

Complete the Network Configuration Worksheet.

A copy is included with the

Install Guide

. It can also be found as a .pdf file in the WatchGuard

Documentation directory.

2

From the Windows Desktop, select Start => Programs => WatchGuard =>
QuickSetup Wizard.

You can also, from the Control Center, select LiveSecurity => QuickSetup Wizard

LiveSecurity => QuickSetup Wizard

LiveSecurity => QuickSetup Wizard

LiveSecurity => QuickSetup Wizard. The

QuickSetup wizard prompts for information about your network and security policy preferences.

Setting up a drop-in network

A drop-in network configuration is useful for situations where you can distribute
network address space across the Firebox interfaces. In a drop-in configuration, you
place the Firebox physically between the router and the LAN, without reconfiguring
any of the machines on the Trusted interface.

Characteristics of a drop-in configuration:

• A single network that is not subdivided into smaller networks; the network is

not subnetted.

• WatchGuard performs proxy ARP.

- The Firebox answers ARP requests for machines that cannot hear the

broadcasts.

- The Firebox can be placed in a network without changing default gateways

on the Trusted hosts. This is because the Firebox answers for the router, even
though the router cannot hear the Trusted host’s ARP requests.

- To enable proxy ARP, you must assign the same IP address to all three

interfaces for the Firebox. This is the only supported address assignment in
drop-in configuration.

• All Trusted computers must have their ARP caches flushed.

The QuickSetup wizard replaces the configuration file, writing over any prior
version. To make a backup copy of the configuration file on the flash disk, see
the Firebox System Area chapter in the

Reference Guide

.

Documentation for running the QuickSetup wizard is contained in the
wizard’s on-panel instructions,

Install Guide

, and Online Help.

When the wizard prompts you to enter monitoring (read-only) and
configuration (read-write) passphrases, use two completely different
passphrases.

Advertising
Popular Brands
Popular manuals