Bill Jonas on Sat, 9 Feb 2002 18:57:14 -0500



Re: [PLUG] Comcast "OPEN IMMEDIATELY" but don't


On Sat, Feb 09, 2002 at 05:11:41PM -0500, Bill Patterson wrote:
> Does anyone have any ideas for me on how to get the firewall working again?
> (It's a DI-704 gateway from D-Link.)

I think that hardware firewalls tend to let you be able to reconfigure
their MAC addresses.  Perhaps they're detecting its MAC address,
presuming it's a firewall, and denying it.

If you can reconfigure its MAC address, try that.

Explanation: MAC addresses are handed out in blocks by a central
authority.  (Not overly dissimilar from IP addresses.)  Each
manufacturer's devices, therefore, have the same prefix.  (Or, if the
manufacturer runs out, then they would get another block and the
manufacturer would have two prefixes.)  Depending on the manufacturer,
they might subdivide their MAC address blocks between product lines.  So
it's quite possible that they're determining that it's a firewall based
on its MAC address.  Assuming you can change it, then you might be able
to fool them.

Note that it's a 12-byte value, usually expressed in hexadecimal with
colons between every two bytes.  Examples of valid MAC addresses would
be 00:00:00:c0:ff:ee and 00:00:de:ad:be:ef.

I've heard that this is done through the web interface for your
firewall.  If you know SNMP, it's likely that it would be configurable
through it as well.  I'd just poke around whatever setup tools you have
for the machine and see what options you have.

Note that I have no idea if this will actually work.

PS: My OpenBSD firewall is still chugging along, despite two very long
outages since the switchover.  I haven't run any of their software.

-- 
Bill Jonas    *    bill@billjonas.com    *    http://www.billjonas.com/

Developer/SysAdmin for hire!   See http://www.billjonas.com/resume.html

Attachment: pgpx5RA5qvlIu.pgp
Description: PGP signature
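
The vendor-prefix idea described in the message above, as an added example that is not part of the original post: it splits an address into its manufacturer prefix and reads the two flag bits of the first octet, which is how a network operator would check what an address claims to be. It assumes the standard 48-bit (six-octet) form; the function names and the prefix table are constructed for illustration and are not IEEE registry data.

```python
import re

# Six two-digit hex octets separated by ':' or '-'.
_MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}")

# Constructed lookup table: the labels are placeholders, not registry data.
SAMPLE_PREFIXES = {
    "00:00:00": "placeholder-vendor-a",
    "00:00:de": "placeholder-vendor-b",
}


def parse_mac(text):
    """Return the six octets of a colon- or dash-separated MAC address."""
    if not _MAC_RE.fullmatch(text):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes(int(part, 16) for part in re.split(r"[:-]", text))


def describe(text, prefixes=SAMPLE_PREFIXES):
    """Classify an address by its first three octets and its flag bits."""
    octets = parse_mac(text)
    prefix = ":".join(f"{b:02x}" for b in octets[:3])
    # Bit 0x02 of the first octet: set when the address was assigned
    # locally (by an administrator or software) rather than by a vendor.
    local = bool(octets[0] & 0x02)
    # Bit 0x01 of the first octet: set for group (multicast) addresses.
    multicast = bool(octets[0] & 0x01)
    return {
        "prefix": prefix,
        # A locally administered address carries no vendor prefix at all.
        "vendor": None if local else prefixes.get(prefix),
        "locally_administered": local,
        "multicast": multicast,
    }


if __name__ == "__main__":
    # Constructed sample input: the two addresses from the message plus
    # one locally administered address.
    for mac in ("00:00:00:c0:ff:ee", "00:00:de:ad:be:ef", "02:11:22:33:44:55"):
        print(mac, describe(mac))
```

A prefix match only says which block an address claims to come from; a reconfigured address that reuses a vendor's prefix is indistinguishable from a factory one at this level.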