1. Home
  2. Networking Firewalls
  3. Too many firewalls?

Too many firewalls?

Hi, i'm completely new to home networking and would like some help, please. i'm helping someone to setup home office- with 3- 4pcs, 1 'server'. all pcs & server have xp sp2, norton internet security (build in firewall), and connect to dsl line using 1 router/ gateway (build in firewall). however, they also already bought a cisco pix 501 firewall a while ago (they used vpn before). i'm just wondering should i set that firewall too? if i do that, would it be a bit too much? the router only have 4 ports. at the moment, i only use 1 socket to connect to the router. can use their existing dsl 300+ on another socket (they have 4 sockets), but will it stop the pcs from seeing each other on the network? if i can't use this socket (if it stops it from seeing each other), why the supplier install 4 sockets? i guess it probably means they can use

4 routers? when i try to map a drive to the 'server' (not a proper server, just microsoft windows, to act as a server), it won't show the other pcs on the 'network' although they are all on the same workgroup. i can only map it using ip address. any idea? i thought it could be the firewall (router) and changed the firewall settings to allow all applications, but still can't see it. any idea? thanks
Reply to
???
Loading thread data ...

"???" wrote in news:1131843987.205233.310990 @f14g2000cwb.googlegroups.com:

You should get rid of everything else and just use the PIX that is a FW appliance if possible. However, I don't know if the PIX will work on a DSL connection it should.

You can convert a router into a switch or go buy a standalone switch and plug it into the PIX as the gateway and machines connected to the PIX and the ones connected to the switch will be able to do resource sharing on the LAN.

I don't know what you're talking about.

Set the network up correctly.

Use the PIX as the gateway device for the WAN and LAN, get rid of the personal FW(s) on the machines as I don't think you know how to configure them for Windows networking and besides the machines are behind the PIX and is the only FW needed. You should enable logging on the PIX 501 and use Wallwatcher (free) I think it works for the 501.

Duane :)

Reply to
Duane Arnold

Hi Duane thanks for your advice..I also had a look around about some of the problems that i mentioned here earlier, and found out a few things:- My network was setup correctly, but because i dont have a dns server, i can't see it on my network places. i read that netbius should help. in addition, i also read that other people also have similar problems not seeing other pc in the workgroup.however, some of them got it work by restarting, or by mapping the other pc using ip address, then only it shows up.

i'm having mix responses about this fire wall- some said the network is too small- only 3/ 4 people, and all of them already have the norton thing. they themselves also spoke to a few people, and it looks like they might want to sell it on ebay now.

basically, i was wondering why bt put in 4 ports/ sockets on the wall, i thought they will only put in 1 line, and connect router/ swich from there. that's why i was wondering whether i can use the other socket/ port to connect to another pc. however, as soon as i connect a router on the other socket, it crashed the original router.

Reply to
???

"???" wrote in news:1132007716.120924.116690 @g43g2000cwa.googlegroups.com:

If you just had the PIX 501 connected to the modem and nothing else, no router -- no nothing else in the way, your network would be fine. The PIX

501 would use the ISP's DNS servers, the machines connected to the PIX, would get their IP(s) from the DHCP server on the PIX and all machines connected to the PIX would be able to share resources with each other with no problems. And even if you connected a standalone hub or swicth to a LAN port on the PIX to extend the LAN and connected machines to the hub or switch, all the machines using the PIX as the gateway device for the WAN or LAN would have no problems --- none.

That PIX 501 out-classes any personal FW solution running on the machines by a long distance. The PIX 501 is a network FW solution and Norton is a personal FW solution running at the machine level (running on the machine protecting the machine). They are not the same thing. And the Norton PFW can be circumvented and defeated by malware easily. That PIX 501 out- clasess any NAT router you have sitting there.

One doesn't use a personal FW in business situation to protect a machine or machines. One just does not do that. One really doesn't use a NAT router to protect a business situation either.

So what that there are three or four machines that the PIX is protecting, you should be using that PIX 501 to protect the *network* in a business situation and not some NAT router/Norton PFW solutions.

However, if it will ease some minds, then use Norton on the machines behind the PIX. But the reality is that PIX sitting there protecting the network, Norton is not needed.

They don't know what they have then and don't know how to use the PIX 501 due to their ignorance.

I don't know either. And maybe it's best that you just leave it alone.

What does a *Internet/network* FW do?

formatting link

formatting link
The PIX 501 is a network FW solution and out classes any personal FW solution.

Your users or whomever your getting your information from as to what to do are ignorant as to what should be done.

Duane :)

Reply to
Duane Arnold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.