Legacy productThe WF1740 described here is an old product and no longer supplied. Please see details of current FireBrick products.
FireBrick 105
Manuals
Home
Setup Users Status Profiles Shape Speed Subnet Route IP Port Filters Mapping Tunnel

Introduction

The FireBrick 105 is a sophisticated router/firewall product that is designed to be the key device between the internet and your network. It provides state tracking firewalling and routing as well as useful features such as network address translation and automatic IP address allocation. The FireBrick has a number of optional extras making it invaluable at home or in an office. Whilst it is only a small box, it has the power to handle the fastest 8Mb/s ADSL internet links running flat out and handle hundreds of computers in a large office network.

Using this manual

This manual covers the basic operations clearly and simply, and acts as a reference. There are sections for each of the FireBrick configuration icons, and sections describing the underlying functionality of the FireBrick. Each section has at the end a Technical Reference which goes into much more detail about that section with a number of key technical points and notes listed. There is also a section describing each of the optional extra features that are available. Generally, the manual will describe the operation with most features installed, and so your FireBrick may be missing some of the options listed if you do not have all features.

Basic terms

There are some key terms used throughout the manual which it is useful to understand. Please read these first.
 
LAN Local Area Network. This is a group of devices connected together, normally using ethernet, which can communicate directly with each other. It can include cables, hubs, switches, and even wireless access points.
LAN, 
WAN, 
DMZ
LAN, WAN (Wide Area Network) and DMZ (DeMiliterized Zone) are used to describe the sides of a firewall. They are all LANs but the WAN is used to describe the outside (connected to the rest of the world), The LAN is the inside connected to your network, and any DMZs are used for servers which are typically protected from the WAN but from which your LAN is protected in case such machines are compromised. Normally the single port on the left is the WAN and the 4 ports on the right are the LAN.
IP Internet Protocol. An IP address is four parts with dots, e.g. 192.168.0.1. The FireBrick supports only conventional IP (version 4).
Mask (Netmask, Subnet mask) is used to define the size of a local area network. Usually shown in the same format as an IP address, e.g. 255.255.255.192, but also shown as a bit count on the end of an IP address, e.g. 192.168.0.1/24. See Networks for more details.
Port End point identity used by TCP and UDP protocols, a number 1 to 65535
TCP Transport Control Protocol - used for most session based communications such as web pages, email, etc.
UDP User Datagram Protocol - used for realtime and transaction based communications such as DNS and voice over IP.
DNS Domain Name Service - the way in which machine names are converted to IP addresses, and various related functions.

Getting started

A quick start guide is included with your FireBrick (PDF).

It is very simple to connect your FireBrick to an existing network and make use of it's facilities with no additional configuration. Once connected, it is simple to access the configuration pages and make any changes you wish.

There are 5 ethernet ports on the front of the FireBrick. The one of the left is normally the WAN side, and the 4 on the right are normally a high speed network switch connected to the LAN side. All ports support 10base-T and 100base-T as well as Full and half Duplex automatically and also have auto crossover to avoid any confusion with straight or crossover cables. The power connector is at the rear and should be used with the supplied power supply or equivalent.

Connecting a FireBrick in to an existing network

  1. Check you have internet access from your computers.
  2. Locate the router which connects your network to the internet. If you have ADSL, then this will probably also connect to a telephone socket. It should have a cable which connects from it to your network. It may have more (perhaps up to 4). If you find something with more cables, e.g. 8 or more, that is probably a switch or hub and not the router.
  3. Place the FireBrick near this router and connect the power. The lights will cycle on the front.
  4. Remove the cable(s) from the router which connect the router to your network, and plug them in to the right hand side of the FireBrick. It does not matter which of the 4 ports they connect to. As you connect each cable, the green light above the cable should light after a second or two.
  5. Connect a cable (one is supplied) from the single left hand port on the FireBrick to the socket on the router from where the previous cables were removed. If there is more than one socket, any will do. When you do this the light above the port on the FireBrick should light up after a second or two.
  6. Check you still have internet access from your computers.
  7. Use one of the computers with web browser to access http://my.FireBrick.co.uk/ where you should see a configuration screen.

Connecting a FireBrick to a PC for stand alone configuration

  1. Connect the power. The lights will cycle on the front.
  2. Connect a cable from one of the 4 ports on the right to your PC. The light over the port on the FireBrick should come on after a second or two.
  3. Configure your PC to have IP address 217.169.0.2 with netmask 255.255.255.252
  4. Use a web browser on your PC to access http://217.169.0.1/ where you should see a configuration screen.

Factory reset

It is quite possible with any firewall product to mis-configure the unit so that you are unable to access it or make further configuration changes. Whilst this is unlikely, if this happens then the only option is a factory reset. As a security product, there are no back doors to help you if you forget the passwords you have set.

To factory reset:-

  1. Disconnect the power and all network leads
  2. Connect a network lead from the Left hand single port to the right hand port of the four ports on the right.
  3. Connect the power and wait 2 seconds
  4. The green POWER light should be blinking
  5. Disconnect the network lead
  6. The FireBrick will factory reset immediately
There are alternative factory resets which can be used depending on which of the 4 ports on the right are connected to the single port on the left. If the left hand port is used then the factory reset will include DHCP client on the WAN and DHCP server+client on the LAN. If the middle ports are used then they have the same effect as their adjacent end port but the WAN and LAN become reversed such that the single port is the LAN and the four port switch is the WAN.

Basic configuration

Accessing the FireBrick web pages there are a number of basic configurations steps which are recommended. You will find that the web pages have prompts to take you through these steps as follows:-
  1. Setting an admin password. The FireBrick has a username/password security system, and you can define a number of users with different levels of access. Initially it is sensible to set a password on the admin user.
  2. Logging in as Administrator. Having set a password you should log in using that password. This allows you access to all of the FireBrick features, and you will see many more icons on the administration pages once logged in.
  3. Removing default view/edit rights from the nobody user. Without a password you still had some access to the FireBrick and it is sensible to now remove that access so that anyone accessing the FireBrick web configuration pages must login before they can do anything.
  4. Once an IP address is set up you may find you have to log in again - this is because the FireBrick will have just set its clock from the internet.
  5. The features menu under the Setup icon allows you to check you have all features installed. If you purchased any extra features with your FireBrick then they will be installed at this point.
  6. Registration - by registering your FireBrick you can receive any notices by email advising of new software, features, or security alerts. Registration may also provide additional extended warranty.

Tips

Moving entries

Many of the configurations entries have a small green dot next to each entry - clicking on this dot allows the entry to be picked up and moved. Once picked up simply select one of the green arrows next to an entry to move it there. You can change to other pages of the same list first if necessary.

Entering IP ranges

When entering IP ranges you can enter :-
  1. Blank for any range
  2. A single IP in thje left hand box for a single IP match
  3. The lowest IP in the left box and the highest in the right box as a range of IPs
  4. Any IP in the left box and a subnet mask in the right box for a range specified using a subnet mask
  5. Any IP in the left box and a subnet bit count in the right box for a range specified using a subnet bitcount
In the last two cases the range is filled in when saved.

FireBrick Plus and FireBrick SoHo

If you have used a FireBrick Plus or SoHo model in the past, the FireBrick 105 has a number of new features. See the list of differences.
You can load a FireBrick SoHo or FireBrick Plus configuration in to the FireBrick 105 if you wish.