Installing NetMAX for use with an xDSL (ADSL, SDSL, etc.) or cable modem connection.
Installation Guidelines
The following are instructions for a typical setup using the NetMAX Firewall/Router
as a router and firewall between an internal network and a cable or
DSL modem/router. To use your NetMAX Fire Wall as a router or a firewall,
you will need at least two ethernet Network Interface Cards (NICs).
The first NIC is going to be connected to your internal network and
will be the default gateway that your network clients will use to
reach the external network. We refer to this NIC as your "internal NIC",
since it's on your internal network. The second NIC is going to be connected
to your cable or DSL device. We call this second NIC your "external
NIC", since it's logically sitting on an external network. With this
configuration, your NetMAX Fire Wall will be between your internal network
and the external network (usually the Internet is your external network).
Most users who implement the NetMAX Fire Wall do not already have an
internal network, or a firewall. So these instructions will help you
set up your internal network, and configure your Fire Wall to be used
as a router between your internal network and the Internet with the
ability to implement firewall rules to protect your internal network
from the Internet.
Once you have this configuration properly set up, it will allow the
client machines on your internal network to reach the Internet through
the NetMAX Fire Wall, so that they are all sharing the Internet connection
provided by your cable or DSL service.
The NetMAX installation procedure is only going to configure the first
NIC in your machine, so to avoid confusion on which one is being set
up during the installation, you will want to start your installation
with only one NIC physically installed in the machine. To make the installation
simple, you will also want to configure your internal NIC first, so
you should take out your external NIC if it is already installed.
If you currently have a machine that is connected to the cable or DSL
device with a NIC, you should remove the NIC from the current machine
and use this same NIC as the external adapter for your NetMAX Fire Wall
if it is listed on the hardware compatibility list for the version of
NetMAX that you own. The reason for this is that many ISPs' cable
or DSL devices (or their routers) will be configured to ignore any traffic
that does not come from the NIC that you were originally using. You
may want to contact your ISP to see if the NIC that you are using for
your external NIC is going to work with their routing hardware and software.
Also, if your ISP gave you ANY software (e.g. PPP over Ethernet
(PPPoE)) that needs to run on your machine in order to connect to their
service, more than likely it is not going to be able to run on your
NetMAX, and so you will not be able to use the NetMAX to connect to
their service.
We recommend using two PCI (as opposed to the older and slower ISA)
NICs. Some brands of NICs don't work well in pairs (having two of the
same brand/model of NIC in the same machine). Some NICs do not work in
pairs because the Linux driver for the NIC may not have been written to
support more than one NIC using the same driver; not too long ago, NIC
manufacturers assumed that you would never need more than one NIC in a
machine. We do
not recommend using two ISA NICs in your NetMAX machine as there are
many dual ISA configurations that may not work.
We recommend always using the Remote Install Method, unless you absolutely
must use the NetMAX Fire Wall as a workstation.
It is very important to click on the question mark (?) when using the
NetMAX if you are unsure of what a function or setting does.
- Follow the instructions in your NetMAX Installation Manual all the
way through, keeping the following in mind:
- When you are asked for an IP address type, you will want to select
"Static".
If you don't already have a valid IP address to use for your NetMAX
Fire Wall, and are not sure how to address your network, please
use one of the below options, which are IP address ranges specifically
reserved for internal use. These IP address ranges are often referred
to as non-routable IP addresses, because there is no route to connect
to them from the Internet, since they are private and cannot reside
on the Internet.
OPTION 1:
NetMAX IP Address (and netmask): 192.168.0.1/255.255.255.0
Network Client IP addresses: 192.168.0.2 - 192.168.0.254 (Class C network with 253 assignable IPs)
OPTION 2:
NetMAX IP Address (and netmask): 10.0.0.1/255.0.0.0
Network Client IP addresses: 10.0.0.1 - 10.255.255.254 (Class A network with 16581374 assignable IPs)
You will need to specify a domain name for your network. If you
don't plan on using your NetMAX as a DNS server for a valid domain
name that is registered with Internic (or don't even know what that
means), then you should specify a "fake" domain name that you will
use internally only. We have reserved mynetmax.net for this
purpose, and you may enter this as your domain name.
- After you finish with the Installation Manual, you will then want
to refer to the "Initial Setup Procedure" section of your User
Manual, keeping the following in mind:
When you are prompted for a Primary DNS Server, you are being asked
for the nameserver addresses that more than likely your ISP has
provided to you. Because this server is going to reside on your
external network (the Internet), you will want to leave this field
blank for now, because you can not set it up until you add your
external NIC later. If you have an internal nameserver, then you
can enter its IP address here.
When you are prompted for a Default Router, you are being asked
for the IP address of the gateway/router off of your ISP's network.
Because this IP address is also going to reside on your external
network (the Internet), you will want to leave this field blank
for now, because you can not set it up until you add your external
NIC later.
After you set the clock, and follow the on-screen message to commit
the changes, ensure that you go to Home|Users|Login Access, check
the boxes to enable login access, and enter a root password. If you
do not perform this step when using the Console Install Method,
you will not be able to login to the console after you log out.
- Now that the NetMAX Fire Wall is configured, you will want to shut down
your NetMAX machine. From Home|Shutdown, select Immediate Shutdown.
After your machine has shut down and been powered off, insert your
second (external) NIC into the NetMAX machine and power it back
on. If this second NIC is ISA, you will need to run eprobe from
the boot prompt (you will have 30 seconds to run the command when
your NetMAX machine is booting up).
- The NetMAX should recognize the newly inserted NIC, and you can now
configure it under Home|Network|Interfaces, by clicking on the pencil
next to the second (the external) NIC. If you do not see the second
NIC listed, please read the Advanced Configuration section of your
Installation Manual (if it applies), the Troubleshooting
section of your Installation Manual, and search the Knowledge
Base on our web site.
It is always possible that, after you insert your second NIC, NetMAX
will find the newly added NIC before it finds the previously
existing NIC. If that happens, your eth0 and eth1 could get swapped.
Don't let this confuse you, but you may need to switch the network
cables running into your NetMAX Fire Wall.
Also, if you don't see the second NIC listed in Home|Network|Interfaces,
it's possible that you don't have the NetMAX Fire Wall product,
but instead may have a different NetMAX product that doesn't support
more than one NIC. You can verify that you have NetMAX Fire Wall
or Professional by going to Home|Network and ensuring that you have
the DHCP option listed in that menu.
- After you click on the pencil, enable the NIC by ensuring that the "Enable
This Interface" check box is checked.
- If you have configured your internal network on non-routable IP addresses,
you will need to "Enable IP Network Address Translation (NAT)" for
this NIC so that your internal clients will be able to communicate
over the Internet.
- If your ISP gave you an IP address to assign to your computer, or a
range of IP addresses, you will want to check the box that says
"Use Fixed Netmask and IP Address(es)" and enter your IP address
(or one of the range that they gave you to use) and your "Netmask".
- If your ISP did not give you an IP address or netmask for your computer,
or if they told you to use DHCP, then you will be getting an IP
address dynamically assigned to you. To use this method, check the
box that says "Obtain Netmask and IP Address via DHCP". Even if
you are using DHCP, you must still enter an IP address and netmask.
These "default" parameters will be used if your ISP's DHCP server
fails to service your DHCP request (for an IP address and netmask).
If your ISP gave you a hostname to assign to your computer, ensure
that you assign this to your external NIC in Home|Network|Naming,
because your ISP may be using this information to authorize your
DHCP request.
- Click on STORE, then COMMIT, and commit your changes to finish the configuration
of your external NIC. If you have configured it for DHCP, your NetMAX
machine will now attempt to obtain an IP address and netmask from
your ISP's DHCP server.
- You now need to configure your Primary DNS server and Default Gateway
that we left blank when configuring the internal NIC:
- You may not have been given the IP address of a default router from
your ISP if you are using DHCP to retrieve it from your ISP. In
that case you can skip this step.
From Home|Network|Routing check the box that says "Use IP Address
for Default Router", enter your ISP's default router in the box,
click on STORE, then COMMIT, and commit the changes.
- From Home|Network|DNS, click on the SERVER tab and check the box that
says "Allowed to use InterNIC".
Click on the CLIENT tab, "Add" the IP addresses of the nameservers
that your ISP provided to you, click on STORE, then COMMIT, and
commit the changes.
- Configuring your client machines:
Setting up your client machines correctly is important in order
for them to correctly reach outside of your network.
If you set up the internal NIC of your NetMAX Fire Wall at 192.168.0.1/255.255.255.0,
you will need to make sure that your client machines are set up to
be in the same network. So, a client machine should have an ethernet
NIC with the IP/netmask of 192.168.0.2/255.255.255.0, and another
client machine could be set up as 192.168.0.3/255.255.255.0. You
will also need to ensure that each client is "physically" connected
into the same network.
It is also important that your client machines point to the correct
router (or gateway) and DNS. Both of these (default router/gateway
and DNS) need to be set to the IP address of the internal NIC on
your NetMAX Fire Wall.
When configuring the web browser on your client, set it up to access
the Internet directly, and not through a proxy server.
By default, the NetMAX is NOT a proxy server; it is a router.
Note: In your two NIC setup, the external NIC that is the connection to your
provider is the interface that has NAT enabled and any firewall rules
set up on it. On the internal NIC, you do not enable NAT and you
do not set up firewall rules. Also, make sure that your clients
can get out to the Internet before setting up your firewall rules. This
will make it easier to determine if it is a firewall rule that is interfering
with their ability to access the Internet.
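The addressing rules from the client configuration step and the note above can be checked on paper before any hardware is touched. The following Python sketch is an added example, not part of the NetMAX product or its manuals; the function name check_plan, the dictionary layout and the sample addresses are assumptions made for illustration.

```python
import ipaddress

def check_plan(internal, external, clients):
    """Return a list of problems in a two-NIC addressing plan (hypothetical helper).
    internal/external: {"addr": "ip/netmask", "nat": bool}
    clients: [{"addr": "ip/netmask", "gateway": ip, "dns": ip}, ...]
    """
    problems = []
    int_if = ipaddress.ip_interface(internal["addr"])
    ext_if = ipaddress.ip_interface(external["addr"])

    # The two NICs must sit on different networks for routing to make sense.
    if int_if.network.overlaps(ext_if.network):
        problems.append("internal and external NICs are on overlapping networks")
    # Per the note: NAT belongs on the external NIC only.
    if internal["nat"]:
        problems.append("NAT is enabled on the internal NIC")
    if int_if.ip.is_private and not external["nat"]:
        problems.append("internal network is private but NAT is off on the external NIC")

    seen = {int_if.ip: "the NetMAX internal NIC"}
    for c in clients:
        cif = ipaddress.ip_interface(c["addr"])
        if cif.network != int_if.network:
            problems.append(f"{cif.ip}: not in network {int_if.network}")
        elif cif.ip in (cif.network.network_address, cif.network.broadcast_address):
            problems.append(f"{cif.ip}: is the network or broadcast address")
        if cif.ip in seen:
            problems.append(f"{cif.ip}: duplicates {seen[cif.ip]}")
        seen.setdefault(cif.ip, f"client {cif.ip}")
        # Clients use the internal NIC as both default router and DNS.
        for field in ("gateway", "dns"):
            if ipaddress.ip_address(c[field]) != int_if.ip:
                problems.append(f"{cif.ip}: {field} is {c[field]}, expected {int_if.ip}")
    return problems

# Constructed sample plans (OPTION 1 addressing; the external address is made up).
INTERNAL = {"addr": "192.168.0.1/255.255.255.0", "nat": False}
GOOD = check_plan(INTERNAL, {"addr": "203.0.113.10/255.255.255.0", "nat": True}, [
    {"addr": "192.168.0.2/255.255.255.0", "gateway": "192.168.0.1", "dns": "192.168.0.1"},
    {"addr": "192.168.0.3/255.255.255.0", "gateway": "192.168.0.1", "dns": "192.168.0.1"},
])
BAD = check_plan(INTERNAL, {"addr": "203.0.113.10/255.255.255.0", "nat": False}, [
    {"addr": "192.168.0.1/255.255.255.0", "gateway": "192.168.0.1", "dns": "192.168.0.1"},
    {"addr": "192.168.1.3/255.255.255.0", "gateway": "192.168.0.1", "dns": "203.0.113.53"},
])
if __name__ == "__main__":
    for p in BAD:
        print("problem:", p)
```

An empty list means the plan is consistent with the rules on this page; it says nothing about whether your ISP will accept the external NIC.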