
FireBrick 2700 Configuration: Difference between revisions

m
no edit summary
mNo edit summary
<syntaxhighlight>
<interface name="LAN" port="LAN" ra-client="false">
<subnet ip="110.20.30.41/24 2001:8b0::1/64"/>
</interface>
</syntaxhighlight>
<syntaxhighlight>
<interface name="LAN" port="LAN" ra-client="false">
<subnet ip="110.20.30.41/24 2001:8b0::1/64" ra="true" ra-mtu="1480" ra-dns="2001:8b0::2020 2001:8b0::2021"/>
</interface>
</syntaxhighlight>
<syntaxhighlight>
<interface name="LAN" port="LAN" ra-client="false">
<subnet ip="110.20.30.41/24 2001:8b0::1/64" ra="true" ra-mtu="1472" ra-dns="2001:8b0::2020 2001:8b0::2021"/>
</interface>
</syntaxhighlight>
Connect to AAISP over PPPoE session (with NAT):
<syntaxhighlight>
<ppp name="AAISP" port="WAN" username="me@a.1" password="secret" nat="true" graph="AAISP" log="default"/>
</syntaxhighlight>
Connect to AAISP over PPPoE session (without NAT):
Connect to AAISP over PPPoE session (with MTU 1500 and NAT):
<syntaxhighlight>
<ppp name="AAISP" port="WAN" username="me@a.1" password="secret" nat="true" mtu="1500" graph="AAISP" log="default"/>
</syntaxhighlight>
Connect to AAISP over PPPoE session (with MTU 1500 but without NAT):
Connect to AAISP over PPPoE session (with MTU 1500, 3G dongle tweaks and NAT):
<syntaxhighlight>
<ppp name="AAISP" port="WAN" username="me@a.1" password="secret" nat="true" mtu="1500" lcp-rate="1" lcp-timeout="5" graph="AAISP" log="default"/>
</syntaxhighlight>
Connect to AAISP over PPPoE session (with MTU 1500, 3G dongle tweaks but without NAT):
Connect to AAISP over 3G dongle (with NAT):
<syntaxhighlight>
<dongle name="AAISP-3G" username="me@a.2" password="secret" nat="true" graph="AAISP-3G" log="default"/>
</syntaxhighlight>
Connect to AAISP over 3G dongle (without NAT):
Connect to AAISP over 3G dongle (with APN and NAT):
<syntaxhighlight>
<dongle name="AAISP-3G" apn="m2m.aql.net" username="me@a.2" password="secret" nat="true" graph="AAISP-3G" log="default"/>
</syntaxhighlight>
Connect to AAISP over 3G dongle (with APN but without NAT):
Allow inbound calls to your VoIP Phone, if you register it with Voiceless:
<syntaxhighlight>
<rule name="SIP" source-ip="81.187.30.110-119 90.155.3.0/24 90.155.103.0/24 2001:8b0:0:30::5060:0/112 2001:8b0:5060::/48" target-ip="110.20.30.43" target-port="5060" action="accept"/>
<rule name="RTP" source-ip="81.187.30.110-119 90.155.3.0/24 90.155.103.0/24 2001:8b0:0:30::5060:0/112 2001:8b0:5060::/48" target-ip="110.20.30.43" target-port="1024-65535" protocol="17" action="accept"/>
</syntaxhighlight>
Allow inbound calls to your Snom Phone, if you register it with Voiceless:
<syntaxhighlight>
<rule name="SIP" source-ip="81.187.30.110-119 90.155.3.0/24 90.155.103.0/24 2001:8b0:0:30::5060:0/112 2001:8b0:5060::/48" target-ip="110.20.30.43" target-port="5060" action="accept"/>
<rule name="RTP" source-ip="81.187.30.110-119 90.155.3.0/24 90.155.103.0/24 2001:8b0:0:30::5060:0/112 2001:8b0:5060::/48" target-ip="110.20.30.43" target-port="49152-65534" protocol="17" action="accept"/>
</syntaxhighlight>
 
==VoIP:==
VoIP with IPv6 source IP defined:
<syntaxhighlight>
<voip source-ip6="2001:8b0::1">
</logvoip>
</syntaxhighlight>
VoIP with IPv4 and IPv6 source IPs defined:
<syntaxhighlight>
<voip source-ip4="1x.2x.3x.4x" source-ip6="2001:8b0::1">
</voip>
</syntaxhighlight>
Connect to AAISP over PPPoE session (with NAT):
<syntaxhighlight>
<ppp name="AAISP" port="WAN" username="me@a.1" password="secret" nat="true" graph="AAISP" log="default"/>
</syntaxhighlight>
==Without NAT:==
<syntaxhighlight>
<?xml version="1.0" encoding="UTF-8"?>
 
<config xmlns="http://firebrick.ltd.uk/xml/fb2700/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://firebrick.ltd.uk/xml/fb2700/ http://firebrick.ltd.uk/download/FB2701/xml/fb2700/1.31.000.xsd"
patch="20687">
<system contact="John Doe" log-panic="fb-support"/>
 
<user name="admin" password="secret" timeout="0"/>
<system contact="John Doe" log-panic="fb-support"/>
<log name="default" comment="General logging for web viewing"/>
 
<log name="fb-support" comment="Log target for sending logs to FireBrick support team">
<user name="admin" password="secret" timeout="0"/>
<email to="crashlog@firebrick.ltd.uk" delay="10" comment="Crash logs emailed to FireBrick support team"/>
 
</log>
<log name="default" comment="General logging for web viewing"/>
</services>
 
<ntp/>
<log name="fb-support" comment="Log target for sending logs to FireBrick support team">
<telnet/>
<email to="crashlog@firebrick.ltd.uk" delay="10" comment="Crash logs emailed to FireBrick support team"/>
<http/>
</log>
<dns resolvers="217.169.20.20 217.169.20.21 2001:8b0::2020 2001:8b0::2021"/>
 
</services>
<port name="WANLAN" ports="41 2 3"/>
<ntp ntpserver="time.aa.net.uk"/>
<port name="WAN" ports="4"/>
<telnet/>
<interface name="LAN" port="LAN" ra-client="false">
<http/>
<dnssubnet resolversip="21710.1690.200.20 217.169.20.21 2001:8b0::20201/24 2001:8b0::20211/64"/>
<dhcp name="DHCP" ip="10.0.0.1-254" lease="1:00:00"/>
</services>
</interface>
 
<portinterface name="LANWAN" portsport="1WAN" 2 3ra-client="false"/>
<ppp name="AAISP" port="WAN" username="me@a.1" password="secret" graph="AAISP" log="default" nat="true"/>
<port name="WAN" ports="4"/>
<rule-set name="Firewall: LAN" target-interface="LAN" no-match-action="reject" comment="Default firewall rule for traffic to LAN">
 
<rule name="Allow Firebrick" source-interface="self" comment="Allow all from the FireBrick to LAN"/>
<interface name="LAN" port="LAN" ra-client="false">
</rule-set>
<subnet ip="10.0.0.1/24"/>
<dhcp name="DHCP" ip="10.0.0.1-254" lease="1:00:00"/>
</interface>
 
<interface name="WAN" port="WAN" ra-client="false"/>
 
<ppp name="AAISP" port="WAN" username="me@a.1" password="secret" graph="AAISP" log="default"/>
 
<usb>
<dongle name="AAISP-3G" username="me@a.2" password="secret" graph="AAISP-3G" log="default"/>
</usb>
 
<route ip="::/0" gateway="81.187.81.6" comment="IPv6 default route using IPv4 tunnel"/>
 
<rule-set name="Firewall: LAN" target-interface="LAN" no-match-action="reject" comment="Default firewall rule for traffic to LAN">
<rule name="Allow Firebrick" source-interface="self" comment="Allow all from the FireBrick to LAN"/>
</rule-set>
 
</config>
</syntaxhighlight>
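Review bot: The full example under "Without NAT" keeps `<user name="admin" password="secret" timeout="0"/>` and enables `<telnet/>` and `<http/>` with no access restriction shown, so a reader who pastes it verbatim gets a placeholder admin password and cleartext management services. The only rule-set on the page filters traffic to the LAN interface, so it is not evident from the page that the FireBrick's own services are limited to trusted hosts; that is worth confirming and stating. I would add a comment at the top of the example, such as `<!-- Example only: replace every password="secret" value, and restrict or remove telnet/http, before using this config -->`. The same placeholder note applies to the `<ppp>` and `<dongle>` snippets earlier on the page, which also carry `password="secret"`. The meaning of `timeout="0"` is not explained here; if it disables the login timeout, the example should say so.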