Results 1 to 8 of 8

Thread: Smoothwall Express 2.0 Firewall for Beginners – Part One

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    137

    Smoothwall Express 2.0 Firewall for Beginners – Part One

    Hi AO,

    I will take a crack at writing a tutorial for this site. I have never done one before - this is my first. Please be kind. Please feel free to post or PM me your thoughts or suggestions for improvement and I will try my best to implement them into Parts 2 and 3 - if there is community interest.

    RY


    Smoothwall Express 2.0 Firewall for Beginners – Part One

    Q: What is Smoothwall?
    Smoothwall is a firewall based on GNU/Linux. For more information, please visit: http://www.smoothwall.org/. This tutorial is written for the beginner who has not setup a firewall product before and does not have much hands on experience with Linux. This tutorial covers basic setup of Smoothwall. If I get positive feedback and these seems to be an interest in more, I will write up “Part Two – Smoothwall Configuration & Patching for Beginners” and “Part Three – Smoothwall Advanced Setup”.

    For this tutorial, the test network setup is as follows:

    Internal Interface/Network card [GREEN] [10.0.0.0/24] ---> Smoothwall Firewall ---> External Interface/Network card [RED] [20.0.0.0/24] ---> World Wide Web/Internet

    What you will need:
    - A computer with a BIOS that can be set to boot from CD-ROM. Most modern computers have it.
    - A CD burner to burn the ISO image.
    - You will also need 2 network cards for GREEN/RED mode setup. For this tutorial I will only cover GREEN/RED mode. You can also setup with 3 network cards, GREEN/ORANGE/RED mode – the ORANGE interface being your DMZ. You may want to make note and write down the MAC addresses of the cards at this point. It will help you identify which network card is which later on, especially if you have network cards made by the same manufacturer.

    Get Smoothwall:
    Goto http://www.smoothwall.org/get/ and download the ISO image. Burn the image onto a CD Rom. You have a choice between an ISO with manuals (45.46mb) and an ISO without manuals (33.78mb). Get the manuals, you will need them.

    1.Go into your computer BIOS settings and set the computer to boot from:
    CD-ROM First
    IDE Hard drive Second.

    While you are there, you might as well disable audio and power management. you won't need them.

    2.Insert Smoothwall CD into CD-ROM and start up the machine. The machine will boot into Smoothwall.

    3.At the boot screen, just press ENTER to continue. The first screen you get will be the Smoothwall welcome screen. Press ENTER to continue.

    4.Installation Media
    TAB to CD-ROM, TAB to OK and press ENTER

    5.Hard Drive Preparation.
    NOTE: SMOOTHWALL WILL ERASE ALL THE DATA ON THE HARD DRIVE! Make sure you don't have anything important on it. Press ENTER to continue.

    6.Set up GREEN Network Interface.
    The Green interface is your “internal” network. The one that you want to protect from the outside world.
    Press ENTER to “Probe” (look for a network card).
    Once it finds the network card, TAB to OK and press ENTER to select it.
    Make note of the MAC address, this is an alpha numeric number and will look something like this “00:XX:XX:XX:XX:XX”, the “X's” will be either numbers of letters.

    7.Assign Internal IP address.
    For this tutorial we will use 10.0.0.0/24. You can use any private IP address allocation.
    TAB to IP Address, type 10.0.0.1
    TAB to Subnet Mask, leave it at 255.255.255.0
    TAB to OK and press ENTER

    8.Install Complete.
    Remove CD.
    The next screen is restore prompt. Just press ENTER to continue. We have nothing to restore.

    9.TAB to select your keyboard language. TAB to OK to continue.

    10.Machine Host name.
    For this tutorial we will leave it at the default setting which is host name “smoothwall”. But you should change that to something less descriptive later on. NEVER USE OS NAME FOR SERVER HOST NAME!
    TAB to OK and press ENTER. TAB to OK and press ENTER again.

    11.TAB to DISABLE ISDN and press ENTER.

    12.TAB to DISABLE ADSL and press ENTER.

    13.Network Configuration Menu. Select your GREEN network interface.
    Select “Network Configuration Type” press ENTER.
    Select GREEN / RED press ENTER

    Select “Driver and cards assignments” press ENTER.
    Press ENTER to PROBE
    Select 2nd Network Card / RED press ENTER. THIS IS YOUR EXTERNAL NETWORK CARD. THIS IS WHERE YOU WILL PLUG IN YOUR Internet connection.

    Select “Address Settings” press ENTER.
    Scroll Down to RED interface press ENTER.|
    Select DHCP if you ISP assigned you a IP or static if your IP doesn't change. You will need to type in the settings. For this tutorial we will use 20.0.0.0/24. Our assigned IP is 20.0.0.20. Type that in. TAB to DONE press ENTER

    Scroll down to “DNS and Gateway settings”, TAB to OK press ENTER. For this tutorial the gateway is 20.0.0.1 and DNS servers are 20.0.0.2 and 20.0.0.3 (You will need to get that info from your ISP for your setup.)
    type 20.0.0.2 and 20.0.0.3 for primary & secondary DNS
    type 20.0.0.1 for gateway
    TAB to OK press ENTER
    TAB to DONE press ENTER

    14.Enable DHCP

    We will enable DHCP address assignment for our internal network.
    We will leave it at default settings for this tutorial. Starting at 10.0.0.100 to 10.0.0.200.
    TAB to OK press ENTER

    15.Assign passwords
    Type in the password you want to use for the “admin” account.
    For this tutorial we will use “MyPassword”

    Type in the password you want to use for the “root” account.
    For this tutorial we will use “MyPassword”

    Type in the password you want to use for the “setup” account.
    For this tutorial we will use “MyPassword”

    NEVER USE THESE PASSWORD! AND NEVER MAKE THEM ALL THE SAME !
    ALWAYS USE STRONG PASSWORD FOR SERVERS AND CHANGE THEM REGULARLY – AT LEAST EVERY 3 MONTHS!


    16.Setup Complete
    Press ENTER to reboot the machine

    You have just setup your first firewall! Congratulation's! :-)
    If you want to see what it looks like, press ENTER at the Smoothwall boot screen.

    At the login prompt login as “root”.

    To login:
    at the “smoothwall login:” type “root” and press ENTER
    at the “password:” type “MyPassword” and press ENTER

    If you are successful, you will see “[root@smoothwall root]#” on your screen.

  2. #2
    Junior Member
    Join Date
    May 2005
    Posts
    1

    Thumbs up Thanks

    Thanks this was clear and easy to get and falow.
    I hope to see ta next part.
    thanks again keep good work

  3. #3
    I would also very much enjoy follow-up articles on this same topic.

    Right now I have an old P3 machine that is sitting around collecting dust that could be used for this purpose.

    From what I've heard on AO and other security related sites, this is one of the best solutions out there and the price is hard to quibble with.

    Bring on the articles!
    ∞Boundless∞

  4. #4
    Thank you for this tutorial. I have installed Smoothwall within MS Virtual Machine, but after that I had no clue how to configure it. I can now experiment.

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Good Evening

    Been using Smoothwall since the beta and have not been disappointed with it. However it's not the only one. IPCop is another one that I believe is a little easier to config. But regardless, here's how I have mine setup:

    DSL Modem > Smoothwall or IPCop > Router > Computers

    Remember this is only one part of your layered defense and should not be the sole guardian of your treasures.

    cheers
    Connection refused, try again later.

  6. #6
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    Boundless: For future references, try to watch the stuff you reply to (the date it was posted). People usually don't like old threads being brought up (notice the blinking date). Just trying to help.
    Space For Rent.. =]

  7. #7
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Well some times it isnt to bad.. esp with Tutorials.. but adding to rather than congratulating..

    Just wondering if rowdy_yates will honour us with Part 2, 3 or 4?

    or if any one would bother with the next steps.. the IDS scanner setup.. or setting up the proxy.. I hear that Snort rules can be applied?!? and most importantly..UPDATES.. and remote access, remote shell.. dambed I am sure I have missed someareas that could be covered with in the enviroments of Smoothwall..
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  8. #8
    @Spyder32: Thank you for the pointer. I added feedback because I am very much interested in seeing a follow-up guide if the author is still interested in publishing one.

    @Relyt: Would you say that Smoothwall is more feature rich than IPCop once you get the hang of it? It seems like one should pursue the option that provides the better benefits in the long run, even if it has a slight learning curve. Thanks for your help!
    ∞Boundless∞

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •