DHCP Server
In this exercise, we use Policy Manager to configure a trusted interface on the Successful Company Firebox as a DHCP server. The size of the IP address pool controls the number of hosts that the DHCP server can assign IP addresses to.
In the IP addresses for this exercise, replace X with your student number.
1. Select Network > Configuration Network > Configuration.
2. Inth e InterfacesInterfaceslist, select Trusted Trusted(Interface 1). Click Configure Configure.
The Interface Settings dialog box opens.
3. Inth e Interface NameInterface Nametext box, type OurLAN.
4. Inth e InterfaInterface ce TypeType drop-down list, make sure that Trusted Trustedis selected.
5. Inth e IP addressIP addresstext box, type 10.0. X .1/24. Replace X with your student number.
6. Select the Use DHCP Server Use DHCP Server radio button.
7. Inth e Address PoolAddress Pool section, s elect the existing address pool and click Delete Delete.
8. Click Add Add.
9. Inth e Starting Starting addresaddresss text box, type 10.0. X .100.
10. In the Ending addressEnding addresstext box, type 10.0. X .200.
11. Click OK OK.
12. From the Leasing TimeLeasing Timedrop-down list, select 24 hours 24 hours.
13. Click OK OK.
14. Save the configuration to the Firebox.
If you changed the IP address of the trusted interface you connect to, make sure your computer gets a new IP address on the same subnet. Then, reconnect to the Firebox on the new IP address.
With this configuration, the DHCP server can assign up to 101 IP addresses to DHCP clients. After the DHCP server has assigned all 101 IP addresses, if any other DHCP client requests an IP address, the request fails, and that client cannot connect.
Network Settings
Network Settings
Exercise 3 — Configure an Optional Interface Exercise 3 — Configure an Optional Interface
Optional interfaces are commonly used for servers which are used by both the public and members of your organization, such as HTTP and FTP servers. I n this exercise, we configure an optional network that Successful Com pany can use for their public servers.
The settings for an optional interface are exactly the same as for a trusted interface. The only difference between trusted an optional interfaces is that the trusted interfaces belong to the alias Any-Trusted Any-Trusted, and optional interfaces belong to the alias Any-Optional Any-Optional.
1. Select Network > Configuration Network > Configuration.
The Network Configuration dialog box appears.
2. Select the InterfacesInterfacestab.
3. Inth e InterfacesInterfaceslist, select Optional-1 Optional-1(Interface 2). Click Configure Configure.
The Interface Settings dialog box appears.
4. From the InterfaInterface ce TypeType drop-down list, select Optional Optional.
5. Inth e Interface NameInterface Nametext box, type PublicServers.
6. Inth e Interface DescriptionInterface Descriptiontext box, type Servers used by customers and vendors . 7. Inth e IP AddressIP Address text box, keep the default network IP address of 10.0.2.1/24 10.0.2.1/24.
8. Make sure Disable DHCPDisable DHCP is selected.
Because this network does not use DHCP, no further configuration is necessary.
9. Click OK OK.
The new settings appear for Interface 2.
Exercise 4 — Configure WINS/DNS Server Exercise 4 — Configure WINS/DNS Server Information
Information
Several Fireware features operate correctly only if y ou use a WINS/DNS server on your trusted network. These features include Gateway AntiVirus, Intrusion Prevention Service, spamBlocker, and Mobile VPN (Virtual Private Networks). In this exercise, we use Policy Manager to configure the Successful Company Firebox to use WINS/DNS servers on the OurLAN and PublicServers networks.
Your instructor may provide a WINS/DNS server on the training network.
In the IP addresses in this exercise, replace X with your student number.
1. Select Network > Configuration Network > Configuration.
The Network Configuration dialog box appears.
2. Select the WINS/DNSWINS/DNS tab.
3. Inth e Domain NameDomain Name text box, type example.com.
4. Inth e DNS ServersDNS Servers text box, type 10.0. X .53 and click Add Add.
In the DNS ServersDNS Servers text box, type 10.0.2.53 and click Add Add.
These are the IP addresses of the internal DNS servers for this exercise.
You are not required to enter more than one DNS server. However, we recommend that you add more than one DNS server to make sure that users can still get DNS name resolution when the primary server is not available.
5. Inth e WINS ServersWINS Servers text boxes, type 10.0. X .53 and 10.0.2.53.
These are the IP addresses for the internal WINS servers for this exercise.
Network Settings
Network Settings
Exercise 5 — Configure a Secondary Network Exercise 5 — Configure a Secondary Network
A secondary network is a network that shares one of the same physical networks as one of the Firebox interfaces. In this exercise, we use Policy Manager to add a secondary network to the Successful Company OurLAN trusted network.
In the IP address in this exercise, replace X withyour student number.
1. Select Network > Configuration Network > Configuration.
The Network Configuration dialog box appears.
2. Select the InterfacesInterfacestab.
3. Inth e InterfacesInterfaceslist, select OurLAN OurLAN (Interface 1). Click Configure Configure.
The Interface Settings dialog box appears.
4. Select the SecondarySecondarytab.
5. Click Add Add.
The Add a secondary network dialog box appears.
6. Inth e IP AddressIP Address text box, type 172.16. X .1/24. Click OK OK.
7. Click OK OK to close the InterfacInterface e SettingsSettingsdialog box.
8. Click OK OK to close the Network ConfigurationNetwork Configurationdialog box.
9. Save the configuration file.