This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED not working behind firewall acting as router

Dear all,

unfortunately there appereared some problems while trying to install the RED device in our company.

Situation:
At company 1 there's an ASG120 standardly configured and in the packet filter rules set "ANY 3200 ANY Allow". In the RED Management I made the configuration with the helper. I set the company name, the external IP of company 1 as ASG Hostname and the ID. I used a static IP address. Checked the settings and after setting up the RED with the helper a DHCP and interface has been made.
At company 2 there should be the RED device. As we don't have a router at the moment I used the Gateprotect firewall. So the firewall is plugged to the modem and configured to act as router and establish the connection. Behind the "router" I plugged in the RED device at the WAN port.
After a short period of time following LEDs were permanently on: Power, System, Internet and LAN1. Only Tunnel didn't work.

Habe I missed something in my configuration? Do I have to especially open Port 3200 on the "router"-firewall at company 2?

Looking forward to get some answers on my problem!

Regards
Stocky

This thread was automatically locked due to age.

Parents

0 tov over 13 years ago

Hi stocky,

YES, beside DNS you have to open TCP and UDP 3200 on "router".
Cancel
Vote Up 0 Vote Down

Cancel
0 stocky over 13 years ago in reply to tov

Hi Tov,

I just tried this without any positiv result.

Meanwhile I got a hint from an earlier collegue to connect the RED at home to get the first setting of the RED from the ASG. So I did and the result was blinking LEDs at System and Internet. I just thougt "Ok... the IP assigned is another (one of our company's network and not my private) let's have a try at company 2".
But it didn't get better. The same result (blinking System and Internet) at company 2.
So I checked the "router" firewall again. It's a gateprotect firewall. It says that Internet is "on" so the connection to the internet should be established. I have to set rules before plugging in the RED device - I konow. So I opened port 3200 TCP/UDP for the whole internet IP range just to ensure the RED is within it.

I would like to ask some general questions:
- Do I need a DHCP at both places (company 1 and 2)?
- If yes, does the RED geht an IP from this pool first time until it is configured from the ASG via internet?

I don't know exactly how this mighty device works [:(]. I'm pretty sure to have configured the RED Management in the ASG correctly (just did it with the Helper) but something is still wrong. I guess that the "router" firewall makes trouble. I've ordered a simple Netgear Router but it hasn't delivered yet. What do you think? Is a simple router without any complex firewall stuff behind the modem better and would solve my problem? Please give me positiv answer =) I'm bleeding at the moment :/

Regards
Stocky
Cancel
Vote Up 0 Vote Down

Cancel
0 quasar3c279 over 13 years ago in reply to stocky

I may be wrong but I think it's port 3400 TCP/UDP!
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 13 years ago in reply to quasar3c279

Quasar is correct, the port is 3400 TCP AND UDP. You will also need to provide a valid DNS server to the unit via DHCP if you have configured the connection to use a FQDN.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BrucekConvergent over 13 years ago in reply to quasar3c279

Quasar is correct, the port is 3400 TCP AND UDP. You will also need to provide a valid DNS server to the unit via DHCP if you have configured the connection to use a FQDN.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 tov over 13 years ago in reply to BrucekConvergent

stocky,

sorry, my fault. As quasar3c279 and Brucek say: TCP/UDP 3400.
Cancel
Vote Up 0 Vote Down

Cancel
0 stocky over 13 years ago in reply to tov

Good Morning,

not a problem. I have to try it another time. Hopefully it'll work then.

Unfortunatelly I have to wait until I have the possibility to do this step because I am not allowed to do it after work because of our safety regulation that non employee may be alone in one of the both companies >.
Cancel
Vote Up 0 Vote Down

Cancel
0 stocky over 13 years ago in reply to stocky

So next try:

I just bought a netgear RP614 Wired Router for connecting our PPPoE connection (germany). Hopefully the RED device is abel to connect to the Astaro!

Regards
Cancel
Vote Up 0 Vote Down

Cancel