
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick 2700 Configuration run-through: Difference between revisions

Content deleted Content added
Reedy (talk | contribs)
m clean up, typos fixed: However → However,
Reedy (talk | contribs)
 
(9 intermediate revisions by 2 users not shown)
Line 15: Line 15:
Here we will build a config file for a FB2700, from scratch, it should help you to build a configuration for your line(s) and help you understand the XML syntax etc. The examples are relevant for ADSL (Be and BT) as well as FTTC/FTTP through AAISP.
Here we will build a config file for a FB2700, from scratch, it should help you to build a configuration for your line(s) and help you understand the XML syntax etc. The examples are relevant for ADSL (Be and BT) as well as FTTC/FTTP through AAISP.


These examples are based on V0.00.608 (2011-01-05), and future firmware releases may have different configuration requirements. Some people converting from a 105 may prefer to also use the 105 converter tool, and base that output on the configuration for your new 2700. more info at: http://www.firebrick.co.uk/fb105-2700.php
These examples are based on V0.00.608 (2011-01-05), and future firmware releases may have different configuration requirements.


We have an AAISP ADSL line with the following details:
We have an AAISP ADSL line with the following details:
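Review bot: the retained sentence still pins the examples to V0.00.608 (2011-01-05), but this revision rewrites the service element from `<ntp .../>` to `<time .../>`, and the page elsewhere describes a feature "since release V0.02.039". Update the stated firmware version to the one the new syntax was checked against, or say which parts of the page need later firmware.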
Line 42: Line 42:
<ppp port="LAN4" username="startup_user@startup_domain" password="" comment="Example PPPoE config for DSL/FTTC/FTTP/etc"/>
<ppp port="LAN4" username="startup_user@startup_domain" password="" comment="Example PPPoE config for DSL/FTTC/FTTP/etc"/>
<services>
<services>
<ntp/>
<time/>
<telnet comment="Set allow IP list to restrict access"/>
<telnet comment="Set allow IP list to restrict access"/>
<http/>
<http/>
Line 60: Line 60:
Set yourself a user with full debug rights, e.g.:
Set yourself a user with full debug rights, e.g.:


<tabs>
<tab name="XML">
<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
<user name="john" timeout="PT20M" level="DEBUG" password="secret"/>
<user name="john" timeout="PT20M" level="DEBUG" password="secret"/>
</syntaxhighlight>
</syntaxhighlight>
</tab>
<tab name="GUI">
coming soon
</tab>
</tabs>



To explain the timeout a bit:
To explain the timeout a bit:
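Review bot: the example line kept here, `<user name="john" timeout="PT20M" level="DEBUG" password="secret"/>`, carries a literal guessable password on a DEBUG-level account, and readers paste these snippets. Since this revision already touches the block (it removes the tabs wrapper and its "coming soon" GUI tab), replace the value with an obvious placeholder such as password="CHANGE-ME" and say in the sentence above that it must be changed.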
Line 80: Line 72:
Modify the ntp time server to use the AAISP time server:
Modify the ntp time server to use the AAISP time server:
<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
<ntp timeserver="time.aaisp.net.uk"/>
<time ntp-servers="time.aaisp.net.uk"/>
</syntaxhighlight>
</syntaxhighlight>

modify the telnet service to permit only access from your LAN:
Modify the telnet service to permit only access from your LAN:
<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
<telnet allow="192.0.2.0/28"/>
<telnet allow="192.0.2.0/28"/>
</syntaxhighlight>
</syntaxhighlight>

Set DNS servers and your domain name, under the services (here we're using the AAISP DNS servers:
Set DNS servers and your domain name, under the services (here we're using the AAISP DNS servers:
<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
</syntaxhighlight>
</syntaxhighlight>

Note: If you are using PPPoE, then you can leave the resolves empty, and the FireBrick will obtain the DNS servers from the ISP.
Note: If you are using PPPoE, then you can leave the resolves empty, and the FireBrick will obtain the DNS servers from the ISP.


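Review bot: the lead-in "Modify the ntp time server" no longer matches the element it introduces now that the snippet reads `<time ntp-servers="time.aaisp.net.uk"/>`; reword it to refer to the time service. While this block is being tidied, the unchanged context still has an unclosed parenthesis in "(here we're using the AAISP DNS servers:" and "resolves" where "resolvers" is meant in the PPPoE note.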
Line 131: Line 126:
<services>
<services>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<time/>
<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>
<telnet allow="192.0.2.0/28"/>
<telnet allow="192.0.2.0/28"/>
<http/>
<http/>
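Review bot: the full-config example now ends up with a bare `<time/>`, while the step earlier on the page tells the reader to set `<time ntp-servers="time.aaisp.net.uk"/>`, so someone who followed the steps will not arrive at the config shown here. Either carry the ntp-servers attribute into this block or state that the bare element is intentional; the same replacement recurs in the later full-config hunks (Line 202, 319 and 442).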
Line 154: Line 149:
= PPPoE =
= PPPoE =


More info on&nbsp;http://www.firebrick.co.uk/fb2700/pppoe.php
More info on&nbsp;https://www.firebrick.co.uk/support/knowledge-base/pppoe/


The [[FireBrick 2700]] supports PPPoE - so you can use it to connect via an xDSL modem, e.g. a:
The [[FireBrick 2700]] supports PPPoE - so you can use it to connect via an xDSL modem, e.g. a:
Line 202: Line 197:
<services>
<services>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<time/>
<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>
<telnet allow="192.0.2.0/28"/>
<telnet allow="192.0.2.0/28"/>
<http/>
<http/>
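Review bot: in this services block telnet is limited with allow="192.0.2.0/28" but `<http/>` is left bare, and the page never says who can reach the web interface. As the block is being edited anyway, either restrict the HTTP service in the same way as telnet or add a sentence stating what the bare element permits.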
Line 264: Line 259:
<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
<rule-set name="Incoming Firewall Rules">
<rule-set name="Incoming Firewall Rules">
<rule name="SIP" source-ip="81.187.30.110-119" target-ip="192.0.2.0/28" target-port="5060-5069"/>
<rule name="SIP" source-ip="81.187.30.110-119" target-ip="192.0.2.0/28" target-port="5060-5069"/>
<rule name="RTP" target-ip="192.0.2.0/28" protocol="17" target-port="1025-5059 5070-" set-graph="RTP"/>
<rule name="RTP" target-ip="192.0.2.0/28" protocol="17" target-port="1025-5059 5070-" set-graph="RTP"/>
</rule-set>
</rule-set>
</syntaxhighlight>
</syntaxhighlight>
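Review bot: the RTP rule has no source-ip, unlike the SIP rule above it which is limited to 81.187.30.110-119, so as written it admits UDP (protocol="17") from any source to ports 1025-5059 and 5070 upwards on every address in 192.0.2.0/28. If that breadth is intended for media from arbitrary peers, say so next to the example; otherwise narrow target-ip to the phone or PBX address and add a source range.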
Line 319: Line 314:
<services>
<services>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<time/>
<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>
<telnet allow="192.0.2.0/28"/>
<telnet allow="192.0.2.0/28"/>
<http/>
<http/>
Line 329: Line 324:
</syntaxhighlight>
</syntaxhighlight>


'''DNS auto-config''':
==DNS auto-config==


( since release V0.02.039 )
(since release V0.02.039)


Setting 'ra=true' will enable auto-configuration of [[IPv6]] addresses, and of the Default Route.
Setting <tt>ra=true</tt> will enable auto-configuration of [[IPv6]] addresses, and of the Default Route.
You may also wish to configure [[IPv6]] DNS servers ( DNS servers that are to be queried over [[IPv6]] ).
You may also wish to configure [[IPv6]] DNS servers (DNS servers that are to be queried over [[IPv6]]).


There are a couple of different mechanisms available to push out [[IPv6]] DNS servers, and the FB2700 supports both.
There are a couple of different mechanisms available to push out [[IPv6]] DNS servers, and the FB2700 supports both.
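Review bot: `<tt>` is obsolete in HTML5; use `<code>ra=true</code>` for the inline attribute instead. The new heading `==DNS auto-config==` also omits the spaces that the page's other headings use (`= PPPoE =`), so write it as `== DNS auto-config ==` for consistency.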
Line 382: Line 377:
= Next Steps, Bonding a Second Line =
= Next Steps, Bonding a Second Line =


More info on&nbsp;http://www.firebrick.co.uk/fb2700/bonding.php
More info on&nbsp;https://www.firebrick.co.uk/support/knowledge-base/bonding/

ADSL and FTTC lines can be bonded, typically A&A customers bond a BT and a Be line for greater resilience. Multiple FTTC lines can be bonded together too in the same way.
ADSL and FTTC lines can be bonded, typically A&A customers bond a BT and a Be line for greater resilience. Multiple FTTC lines can be bonded together too in the same way.


Line 442: Line 438:
<services>
<services>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/>
<time/>
<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>
<telnet allow="192.0.2.0/28"/>
<telnet allow="192.0.2.0/28"/>
<http/>
<http/>
Line 458: Line 454:
<syntaxhighlight lang=xml>
<syntaxhighlight lang=xml>
<usb>
<usb>
<dongle username="startup_user@startup_domain" password=""/>
<dongle username="startup_user@startup_domain" password=""/>
</usb>
</usb>
</syntaxhighlight>
</syntaxhighlight>