Getting Started

Sockets and connectors

The FireBrick^® has 7 sockets and 12 LEDs.

On the rear is the power connector for use with the power supply provided. This is intended for use indoors on a normal UK mains supply, and can be connected to an uninterruptable power supply (UPS) if required. Power connectors for use outside the UK may be obtained from your distributor.

Also on the rear is a 9-way D serial connector. This is for factory test and future development, so does not normally need anything connected.

Front view On the front there is a single network socket on the left. This is the connection to the outside world - the Wide Area Network (WAN). It is designed to connect to a hub using a normal network patch lead. The term WAN is used throughout this manual and the software configuration pages. It is possible to use the FireBrick^® in other configurations, but the term WAN is always used to refer to this left hand single network socket.

On the right are four network sockets. These are for your Local Area Network (LAN) and connect your computers or other hubs to the FireBrick^®. These are a hub and are designed to connect to computers using a normal network patch lead. If you are connecting another hub to any of the LAN sockets you will either need a crossover lead or you will need to use the uplink socket or setting on the hub to which you are connecting. The term LAN is used throughout this manual to mean the 4 network sockets on the right.

Lights

If you power up the FireBrick^® with no network connections then the green power light will be lit, and the eight LAN lights will cycle right and left continually. This is an indication that the FireBrick^® is working correctly and waiting for network connections on its LAN. Once the LAN is correctly connected the lights will stop cycling.

The green power light will be on when the FireBrick^® is plugged in to the power. If this blinks continually then the FireBrick^® is faulty.

The red alert light is used for several functions. It blinks momentarily on power up to show it is working, and will blink rapidly while you upgrade the software. Normally this light is off unless you have set a network filter to make it flash - e.g. when there is a certain type of access to your network. You can configure certain network filters to make this light blink slowly all of the time until you clear it.

Above each network socket are two lights. The LAN lights can be changed to operate in different modes, but normally the LAN and WAN lights operate in the same way, as follows:

The green light on the right indicates that there is a good connection to another network port - e.g. a hub or computer is correctly connected. If you are using the wrong sort of cable or the cable is faulty or the other end is not switched on or is the wrong type of network port then the green light will not be lit.
The yellow light on the left indicates network activity. This means there is data being received by that port.

The network lights on the LAN can be configured with different settings including a network bar graph showing overall LAN usage, and a cycling lights option even when there are network connections active.

Connecting to your network

The FireBrick^® is designed to fit in-line with an existing network connection. This means that you connect the WAN side of the FireBrick^® to an existing router or network hub, and the LAN side to your computer(s) or hubs.

If you are already connected to a router, network hub, or floor box, remove the existing cable from the router/hub/box and connect it to any of the LAN ports on the right of the FireBrick^®. The green light above the socket on the FireBrick^® will light.

Then connect the patch lead supplied from the WAN port on the FireBrick^® to the existing router, network hub, or floor box. Again the green light above the WAN socket on the FireBrick^® will light.

You may also see the yellow lights above each port light as data is sent and received on the network.

You can normally connect and remove network plugs without disconnecting the power from computers, hubs, or the FireBrick^® without any problem.

The only complication can be where your existing router is not itself a hub, and so uses a crossover lead or connects to a crossover port on a hub. In this case you may need to connect the FireBrick^® and the existing router to a separate hub, or use a crossover lead to connect the FireBrick^® to the existing router. Crossover leads can be purchased from your dealer. As long as the green light is lit over each of the cables you connect the FireBrick^® is correctly cabled.

Hubs and networks

The FireBrick^® is designed to operate on a 10baseT network connection. This means that it uses the 8-way RJ45 connectors which fit in the front and operates at 10,000,000 bits per second.

Some networks use 100baseT which operate 10 times faster. Normally such networks use switching hubs which allow a mixture of 10baseT and 100baseT systems to be connected, automatically adapting. Some hubs have lights indicating that they are operating in 10baseT or 100baseT on each port. Most computers that use 100baseT will also automatically adapt to 10baseT.

10baseT networks can manage a 2Mb/s internet connection (that's 2,000,000 bits per second each way, making 4Mb/s total) without much problem. Remember that 10Mb refers to the raw data rate on the network, and not the maximum speed that you could transfer files (which is much lower).

If you connect the FireBrick^® to a network hub or computer that can only operate at 100baseT the green light will not come on, but it will not do any harm to the FireBrick^® or the computer/hub. In such cases you can purchase small 10/100 switching boxes relatively cheaply that would allow you to connect the FireBrick^®.

If you needed to take a fast (say 34Mb/s) internet feed and split it down to several small offices (e.g. a managed office or hotel situation), then you can use a 10/100 fully switching hub and a bank of FireBrick^®s to provide each office with up to 2Mb of internet connection.

Some networks operate using 10base2 which uses round (coax) connectors. The FireBrick^® will not connect to these directly but you can buy a cheap network hub that will allow you to connect 10baseT and 10base2 networks together.

Some routers already have a 4-port hub, and you may have several cables already connected. These should all be moved to the FireBrick^® LAN ports and a single cable from the FireBrick^® WAN port connected to one of the sockets on the router. If you connect anything else to the spare sockets on your router then they will be outside your firewall and not protected by the FireBrick^®.

Checking all is well

Once you have connected the FireBrick^® between your computer(s) and your internet connection, you should check your system is still working. The simplest way to do this is to access a web page (such as http://www.FireBrick.co.uk/) and check that it displays correctly. Use refresh to make sure you are loading the page from the server and not a locally cached copy.

Configuration pages

Once the FireBrick^® is connected and you have working internet access you can access the FireBrick^® configuration pages using your web browser to access http://my.FireBrick.co.uk/. This will bring up a red screen with the FireBrick^® logo in the top right. If, instead, you see a different page with this is not your FireBrick^® then this means your FireBrick^® has not intercepted the my.FireBrick.co.uk address. This could be because you are accessing the internet by another means, or the FireBrick^® is not connected correctly, or you are behind the FireBrick^®. To access the FireBrick^® configuration pages you need to ensure you are not using a proxy. You can either turn off your proxy settings in your web browser or list my.FireBrick.co.uk as a no proxy site and try again. If this fails, use the standalone configuration as below. Also, try using the refresh/reload button on your browser, and try with SHIFT or CTRL keys as well, ad you browser may have cached a copy of the this is not your FireBrick^® page from some time before.

Standalone configuration

So far we have assumed you have an existing ethernet network connection in to which the FireBrick^® can be inserted. If however you do not have such a network connection, or you want to configure the FireBrick^® and familiarize yourself with its operation before unplugging your network, then you will need to access the FireBrick^® in standalone mode.

To do this you will need a computer with a web browser on which you can change the network settings. On Windows select Network on the Control Panel, choose the Protocol tab, highlight TCP/IP Protocol and click properties. Set your computer to have IP address 217.169.0.2 and a netmask of 255.255.255.252. You do not need to set or change your DNS, WINS, or gateway settings. You may have to reboot your computer for these changes to take effect.

An alternative is to add a network route. On windows, do this in Start->Run with the command ROUTE ADD 217.169.0.1 yourIP. On linux the command is route add -host 217.169.0.1 eth0. You should then be able to access the web page as below.

Then, using your web browser, and ensuring you have no proxy settings, access the FireBrick^® configuration pages using http://217.169.0.1/. This will provide the same web configuration page, and you will be able to set up the FireBrick^® as you require.

DHCP startup

You can factory reset the FireBrick^® such that it is running a DHCP server, thus allowing you to set your PC to automatic IP configuration. To do this, disconnect all network cables and power. Then, connect a straight network cable (as supplied) in from the WAN (left) to one of the LAN ports and then reconnect the power. After a second the red LED lights, and you can remove the network lead. The FireBrick^® will reset with a DHCP mode depending on which of the hub ports you connected the cable to as follows:-

Hub port	Factory reset operation
0 (left)	DHCP server on LAN and DHCP client on WAN
1	DHCP server on LAN
2	DHCP client on WAN
3 (right)	Normal, non DHCP mode

Having selected DHCP on the LAN, you can connect a PC set to automatic IP allocation, and access the FireBrick using http://217.169.0.1/.

Brick walls

If you have lots of FireBrick^®s, they can be stacked on top of each other. The rubber feet fit in to the dimples on the top.

What's protected

Installing a FireBrick^® will provide instant protection from the internet, but what does this mean...

Firstly, you can still access the internet. The FireBrick^® allows all outgoing traffic (apart from NETBIOS file shares) to go out in to the world. This means you can access web pages and send email, etc. The FireBrick^® automatically tracks information which is a reply to those outgoing connections and lets it back in.

The FireBrick^® blocks all other incoming traffic. There are however a number of filters predefined that can easily be turned on to allow, for example, incoming SMTP mail delivery.