FireBrick 2700 Configuration run-through: Difference between revisions

← Older edit

FireBrick 2700 Configuration run-through (view source)

Revision as of 22:57, 26 March 2022

431 bytes removed , 26 March 2022

→‎Setting up 3G Fallback: indenting

Reedy

editor

698

edits

Revision as of 23:59, 14 March 2017 (view source) Reedy (talk \| contribs) m (clean up, typos fixed: However → However,) ← Older edit		Latest revision as of 22:57, 26 March 2022 (view source) Reedy (talk \| contribs) (→‎Setting up 3G Fallback: indenting)
(9 intermediate revisions by 2 users not shown)
Here we will build a config file for a FB2700, from scratch, it should help you to build a configuration for your line(s) and help you understand the XML syntax etc. The examples are relevant for ADSL (Be and BT) as well as FTTC/FTTP through AAISP. These examples are based on V0.00.608 (2011-01-05), and future firmware releases may have different configuration requirements. ~~Some people converting from a 105 may prefer to also use the 105 converter tool, and base that output on the configuration for your new 2700. more info at: http://www.firebrick.co.uk/fb105-2700.php~~ We have an AAISP ADSL line with the following details: <ppp port="LAN4" username="startup_user@startup_domain" password="" comment="Example PPPoE config for DSL/FTTC/FTTP/etc"/> <services> <~~ntp~~time/> <telnet comment="Set allow IP list to restrict access"/> <http/> Set yourself a user with full debug rights, e.g.: ~~<tabs>~~ ~~<tab name="XML">~~ <syntaxhighlight lang=xml> <user name="john" timeout="PT20M" level="DEBUG" password="secret"/> </syntaxhighlight> ~~</tab>~~ ~~<tab name="GUI">~~ ~~coming soon~~ ~~</tab>~~ ~~</tabs>~~ To explain the timeout a bit: Modify the ntp time server to use the AAISP time server: <syntaxhighlight lang=xml> <~~ntp~~time ~~timeserver~~ntp-servers="time.aaisp.net.uk"/> </syntaxhighlight> ~~modify~~Modify the telnet service to permit only access from your LAN: <syntaxhighlight lang=xml> <telnet allow="192.0.2.0/28"/> </syntaxhighlight> Set DNS servers and your domain name, under the services (here we're using the AAISP DNS servers: <syntaxhighlight lang=xml> <dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/> </syntaxhighlight> Note: If you are using PPPoE, then you can leave the resolves empty, and the FireBrick will obtain the DNS servers from the ISP. <services> <dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/> <time/> ~~<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>~~ <telnet allow="192.0.2.0/28"/> <http/> = PPPoE = More info on ~~http~~https://www.firebrick.co.uk/~~fb2700~~support/knowledge-base/pppoe~~.php~~ / The [[FireBrick 2700]] supports PPPoE - so you can use it to connect via an xDSL modem, e.g. a: <services> <dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/> <time/> ~~<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>~~ <telnet allow="192.0.2.0/28"/> <http/> <syntaxhighlight lang=xml> <rule-set name="Incoming Firewall Rules"> <rule name="SIP" source-ip="81.187.30.110-119" target-ip="192.0.2.0/28" target-port="5060-5069"/> <rule name="RTP" target-ip="192.0.2.0/28" protocol="17" target-port="1025-5059 5070-" set-graph="RTP"/> </rule-set> </syntaxhighlight> <services> <dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/> <time/> ~~<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>~~ <telnet allow="192.0.2.0/28"/> <http/> </syntaxhighlight> ~~'''~~==DNS auto-config~~''':~~== ( since release V0.02.039 ) Setting '<tt>ra=true'</tt> will enable auto-configuration of [[IPv6]] addresses, and of the Default Route. You may also wish to configure [[IPv6]] DNS servers ( DNS servers that are to be queried over [[IPv6]] ). There are a couple of different mechanisms available to push out [[IPv6]] DNS servers, and the FB2700 supports both. = Next Steps, Bonding a Second Line = More info on ~~http~~https://www.firebrick.co.uk/~~fb2700~~support/knowledge-base/bonding~~.php~~ / ADSL and FTTC lines can be bonded, typically A&A customers bond a BT and a Be line for greater resilience. Multiple FTTC lines can be bonded together too in the same way. <services> <dns domain="yourdomain.tld" resolvers="217.169.20.20 217.169.20.21"/> <time/> ~~<ntp timeserver="90.155.53.32 2001:8B0:0:53::5A9B:3520"/>~~ <telnet allow="192.0.2.0/28"/> <http/> <syntaxhighlight lang=xml> <usb> <dongle username="startup_user@startup_domain" password=""/> </usb> </syntaxhighlight>