Help with Endian FW

Discussion in 'other firewalls' started by EJones, Apr 12, 2009.

Thread Status:
Not open for further replies.
  1. EJones

    EJones Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    4
    Hello everyone,

    I need some help with a homebuilt Endian FW. I have Earthlink DSL, SMC Barricade Plus router and a Netgear GS724T 24 port switch. I run 6 computers, a WHS server, 3 network printers and a ROKU internet radio. All have static IPs and work fine. I am looking for a way to monitor and filter internet traffic. My network runs under 192.158.1.1 - .254. Router is on 192.168.1.1, Netgear switch is on 192.168.1.254. Endian FW Green port is set to 192.168.1.200.

    I downloaded the Endian Community FW SW and installed it on an old hard drive in the WHServer. (Pulled the WHS HD's.) The MOBO is a GIGABYTE GA-EP45-UD3P MOBO with dual network built in. Wolfdale 3.13 G. Processor and 4 G memory.

    Here is where I am stumped and need some help.

    I have the Endian FW PC hooked into one port on either the SMC router or the Netgear switch and have the same results.

    The endian SW installed fine and I can access from another PC web browser.

    When I set the RED port to anything other than gateway and the Endian resets the configuration I can no longer access the Endian through the browser. I have tried moving cables around, using a cross over cable, hooking between the router and the switch, etc. All to the same end.

    I end up having to reinstall the Endian SW as I am not real fluent in Linux.

    Any suggestions would be appreciated.

    Thanks,

    Evan
     
  2. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    If the router has a modem built in, try disabling routing and set it to bridge mode if that's in the settings. If the router is behind a regular DSL modem, take the router out of the configuration, in this case it's redundant. Then set your Green network card to 192.168.1.1 and plug the switch into this, Red to the router/modem.

    This is how I set up IPCop, but it should work the same with Endian as well.

    Edit: one other thing you may want to confirm is that both of the nics are actually working. See this thread from an IPCop forum. This guy had problems with two onboard nics randomly working/not working. Adding a PCI network card fixed his problem. It also takes the guesswork out of which one you configured as Green if you use a card that's from a different manufacturer as the onboard nic.
     
    Last edited: Apr 12, 2009
  3. EJones

    EJones Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    4
    Thanks for the reply,

    I did what you said and it is up and running under PPPoE. I have run into another problem. I also have Vonage. I went in to the Proxy settings and added a rule for ports 5060-5061 for SIP and 10000-20000. Still no dial tone.

    Any thoughts on this would be great.

    My internet actually ran slightly faster with the EFW over the SMC Barricade router.

    Thanks,

    Evan
     
  4. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    Nice to hear that it's working! For the speed, have you looked at the traffic shaping option in the web interface? That might help.

    I don't know anything at all about SIP phones, but I had a hunch you would have to use port forwarding. Found this article that seems to confirm that. Try out their tip and see if it works.
     
  5. Gez

    Gez Registered Member

    Joined:
    Jan 15, 2006
    Posts:
    65
    Location:
    Ireland
    I'm not familiar with Vonage or VoIP in general but I doubt you need to route it through the content-filtering proxy in Endian. I would have thought you'd need to open the ports in the firewall section instead, and also perhaps to forward these ports to your phone adapter.

    edit: just realised johnny123 has already suggested this.
     
    Last edited: Apr 14, 2009
  6. EJones

    EJones Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    4
    I wanted to share how I got my Endian Firewall and Vonage voip to work. After looking at the Vonage website, reading many posts and talking with Vonage I realized that there did not exist a complete set of instructions that I could find on the internet for EFW and Vonage.

    These instructions are for the EFW Community version 2.2 rc3.

    I have a Uniden voip phone from Vonage, Earthlink DSL contracted through Verizon, and originally an SMC Barricade Plus router. Vonage worked right out of the box (pre EFW).

    After getting the EFW up and running (thanks to the other posts on the forum for the help!!) I tried the various port settings found on several posts found on the internet. I managed to get a dialtone and call in or out, but no audio.

    I found one post that talked about the fact that the older Vonage servers do not support Stateful Packet Inspection and that could be the cause for no audio. I have had Vonage for five years and figured that might be the case for me.

    Here are the settings that I used in EFW to set-up the Firewall Ports:

    Under the Firewall Tab and then Outgoing Traffic Tab you want to click on the “Add a new firewall rule” and create the below Firewall rules. (I attached these “Vonage specific” rules to the MAC address of my Uniden phone.)

    You will need to click the “Update Rule” button after creating a rule and then click “Add a new firewall rule” to create the next rule.

    You can also click “Apply” and “Save” after creating each rule if you want or you can “Apply” and “Save” at the end. “Apply” will appear at the top of the page and the “Save” button is at the bottom of the page.

    Source     Destination  Service  Protocol  Dest Port    Action  Remark
    (UserDef)  RED          SIP      UDP       5060         Allow   Vonage SIP
    (UserDef)  RED          TFTP     UDP       69           Allow   Vonage TFTP
    (UserDef)  RED          TFTP     UDP       21, 2400     Allow   Vonage TFTP
    (UserDef)  RED          NTP      TCP+UDP   123          Allow   Vonage NTP
    (UserDef)  RED          <ANY>    UDP       80           Allow   Vonage HTTP
    (UserDef)  RED          <ANY>    UDP       10000:20000  Allow   Vonage RTP

    Each of the above lines is a firewall rule for Vonage.

    A couple of notes.

    • DNS 53 is also required but is already a default rule for EFW. Change the Protocol from TCP to TCP+UDP and click the “Update Rule” button.

    • The (UserDef) is where I chose MAC and then listed the Uniden MAC address in the box below. You can change this to whatever you would like.

    • You see two rules for TFTP. If you select TFTP as a service EFW automatically puts in UDP and port 69. I left the port 69 rule alone and created the other rule for ports 21 and 2400. (You could probably put all three ports in the same rule.) After you type in 21 press “Enter” and on the next line of the box enter 2400. (Don’t let the statement above the box “Destination port (one per line)” fool you. You can enter more than one port or a range of ports.)

    • The RTP ports 10000:20000 are a critical part of the firewall rules. The : tells the rule that this is a range. Vonage randomly picks an RTP port number between 10000 and 20000 for each phone call placed. Once you get Vonage up and running if you open NTOP you can see the RTP port used each time you place a phone call.

    At this point you should be able to unplug your Vonage phone, reset it and test it. If you are able to place and receive calls you are good to go. If not then you need to call Vonage. (I know, you are thinking "How do I do this with no voip." Think creatively. I have a phone on my POTS line, a cell phone, or maybe a string and a dixie cup. You do need to be able to get to your Vonage phone as the technician will ask you to unplug it a couple of times. They can see when you unplug it and plug it back in.) Explain to the technician that you have installed a new firewall that does Stateful Packet Inspection and you believe you are on an old Vonage Server that does not handle SPI. They can check this and tell you if the server handles SPI or not. It took about 10 minutes for the technician to switch me to a new server that handles SPI. I was set and voip restored.

    I hope this helps you with Vonage voip and EFW Community version.
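
Added example, not part of the original post and not what EFW generates internally: the outgoing rules listed in the post above, translated by hand into equivalent iptables commands so that what each rule permits can be read off and audited. The RED interface name `ppp0` and the MAC address are constructed placeholders.

```python
# Added example: render the thread's outgoing rules as iptables commands.
# RED_IF and PHONE_MAC are constructed placeholders, not values from the thread.
RED_IF = "ppp0"                   # assumed name of the RED (PPPoE) interface
PHONE_MAC = "00:11:22:33:44:55"   # placeholder for the phone's MAC address

# (protocol, destination ports, remark) as listed in the post
RULES = [
    ("UDP", "5060", "Vonage SIP"),
    ("UDP", "69", "Vonage TFTP"),
    ("UDP", "21\n2400", "Vonage TFTP"),   # one port per line, as typed in EFW
    ("TCP+UDP", "123", "Vonage NTP"),
    ("UDP", "80", "Vonage HTTP"),
    ("UDP", "10000:20000", "Vonage RTP"),
]

def parse_ports(field):
    """Split an EFW-style port field into validated ports and lo:hi ranges."""
    ports = []
    for item in field.replace(",", "\n").split():
        lo, _, hi = item.partition(":")
        low, high = int(lo), int(hi or lo)
        if not (0 < low <= high <= 65535):
            raise ValueError(f"bad port spec: {item!r}")
        ports.append(item)
    return ports

def to_iptables(proto_field, port_field, remark):
    """Return one iptables command per protocol named in the rule."""
    ports = parse_ports(port_field)
    if len(ports) == 1:
        match = f"--dport {ports[0]}"
    else:
        match = f"-m multiport --dports {','.join(ports)}"
    return [
        f"iptables -A FORWARD -o {RED_IF} -m mac --mac-source {PHONE_MAC} "
        f"-p {proto.lower()} {match} -m comment --comment \"{remark}\" -j ACCEPT"
        for proto in proto_field.split("+")   # TCP+UDP becomes two commands
    ]

def render_all():
    """Flatten every rule in RULES into a list of command strings."""
    return [cmd for rule in RULES for cmd in to_iptables(*rule)]

if __name__ == "__main__":
    print("\n".join(render_all()))
```

The six GUI rules become seven commands because the NTP rule covers both TCP and UDP; each command is scoped to the phone's MAC address, so other hosts on GREEN gain nothing from these rules.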
     
  7. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    Good job figuring that one out! You may want to post your solution in the Endian forum in case anyone else there is pulling his hair out trying to get the phone to work.

    Save your configuration to a floppy or USB drive (if you haven't already done so). In the event you want to re-install Endian it will save you the effort of doing all of the rules over again.
     
  8. EJones

    EJones Registered Member

    Joined:
    Apr 12, 2009
    Posts:
    4
    Thanks for the save info.
     
  9. joaotijolo

    joaotijolo Registered Member

    Joined:
    Aug 16, 2009
    Posts:
    1
    Thanks a million!!!!

    I've spent quite some time trying to make my sip phone work under Endian...

    Keep up the excellent work.

    Cheers,

    Joao Resende
     