06-16-2023, 08:01 PM
(This post was last modified: 06-16-2023, 08:11 PM by MarioMaiato.)
Hello,
I upgraded to a Gigahub with my Bell 50/50Mbps service, thinking it would help with providing more security. The interface and options are identical to the homehub2000... Very disappointing. How can you even call these things routers? You cannot even add a route.
I bought a Juniper Netscreen 5GT firewall. I tried to follow the instructions out there on the net about how to configure the Gigahub as a modem only. The idea is that the public IP address is assigned to the firewall/router. I finally configured the WAN interface to connect using PPPoE, & it worked! A public IP that obtained from Bell via DHCP. And now the power of a real/good firewall.
If you run a Netscreen firewall as well here are some specifics.
-Connect an rj45 cat 5, cat 6 cable to the Gigahub's 10GB interface & the netscreen'ss untrust interface.
-Connect another network cable from one of the Gighub's LAN ports to your switch or hub.
-Connect another network cable from one of the Netscreens trust ports to your hub or switch.
-On the Gigahub configure the DMZ to on. In the advanced DMZ settings, add your firewalls Mac address to the Active Device section. The MAC Address is underneath the firewall.
-In the Advanced tools and settings page disable Upnp, Dnla, Sip Alg.
*At this point the DMZ is configured with only the Netscreens IP or Mac listed in a allow devices area. DHCP & WiFI are still running from the GiGaHub.
-Configure the Netscreens Network->PPP->PPPoE Profile. Enter your b1 username & password. Set authentication to ANY. Call the profile Bell or something simple.
-Go to Network->Interfaces-> Edit the untrust interface. Select obtain IP using PPPoE. Select the profile you just created.
-Reboot the GiGaHub & the netscreen.
Go back to the netseen's network-> Interfaces page & verify the Untrust interface now has a public Bell IP address.
-Disable the DHCP server on the Gigahub. Enable DHCP Server on the Netscreen. Be sure to configure the gateway address of all network devices to the trusted IP of the Netscreen.
-Add your typical netscreen policies and protections. I personally enable every protection available & configure blocking policies.
-Test that you can access 192.168.2.1 with a wired connection. Then (optionally) turn off WiFi & configure your access points wifi.
Thats all folks!
Thanks
I upgraded to a Gigahub with my Bell 50/50Mbps service, thinking it would help with providing more security. The interface and options are identical to the homehub2000... Very disappointing. How can you even call these things routers? You cannot even add a route.
I bought a Juniper Netscreen 5GT firewall. I tried to follow the instructions out there on the net about how to configure the Gigahub as a modem only. The idea is that the public IP address is assigned to the firewall/router. I finally configured the WAN interface to connect using PPPoE, & it worked! A public IP that obtained from Bell via DHCP. And now the power of a real/good firewall.
If you run a Netscreen firewall as well here are some specifics.
-Connect an rj45 cat 5, cat 6 cable to the Gigahub's 10GB interface & the netscreen'ss untrust interface.
-Connect another network cable from one of the Gighub's LAN ports to your switch or hub.
-Connect another network cable from one of the Netscreens trust ports to your hub or switch.
-On the Gigahub configure the DMZ to on. In the advanced DMZ settings, add your firewalls Mac address to the Active Device section. The MAC Address is underneath the firewall.
-In the Advanced tools and settings page disable Upnp, Dnla, Sip Alg.
*At this point the DMZ is configured with only the Netscreens IP or Mac listed in a allow devices area. DHCP & WiFI are still running from the GiGaHub.
-Configure the Netscreens Network->PPP->PPPoE Profile. Enter your b1 username & password. Set authentication to ANY. Call the profile Bell or something simple.
-Go to Network->Interfaces-> Edit the untrust interface. Select obtain IP using PPPoE. Select the profile you just created.
-Reboot the GiGaHub & the netscreen.
Go back to the netseen's network-> Interfaces page & verify the Untrust interface now has a public Bell IP address.
-Disable the DHCP server on the Gigahub. Enable DHCP Server on the Netscreen. Be sure to configure the gateway address of all network devices to the trusted IP of the Netscreen.
-Add your typical netscreen policies and protections. I personally enable every protection available & configure blocking policies.
-Test that you can access 192.168.2.1 with a wired connection. Then (optionally) turn off WiFi & configure your access points wifi.
Thats all folks!
Thanks