|firewall, router solution of Moiseenko A.A.|
Fast configuration for “RusRoute firewall” 2.1.8 program (routing firewall, Internet gateway).
1. System requirements.
RusRoute firewall can run under Windows 7/8/8.1/10/ Server 2008 R2 and later.
2. Download the latest version of RusRoute firewall from http://rusroute.com/.
3. Start setup program with administrative rights, select language, read the license agreement and press Accept.
4. Setup is remainding that RusRoute firewall is working with Secure Boot is disabled, and suggest to make registry changes for TCP/IP Offload disabling (You should do it at the first start and after the adding of new NIC adapters to a system). The registry changes are taken in effect after reboot. You should to start setup again after reboot.
5. The vpn driver and driver-filter RusRoute are installed at the first. RusRoute firewall GUI application will be started and connected to a RusRoute firewall service.
6. RRGui.exe is showing the dialog of the next to do steps when RusRoute firewall is disabled (for example, at the first start). Thease steps are to create firewall rules by using firewall rules Wizard on the rules page and to enable RusRoute firewall on the Setting page.
7. All configuration changes are applyed by pressing "Apply" button.
8. It is strongly recommended to use static IP address assignments for all NIC adapters of RusRoute firewall PC excluding VPN NIC adapter.
9. The standard Windows firewall must be disabled for RusRoute firewall working properly.
10. The firewall rules Wizard can create the restricted typical set of firewall rules. You probably need to extend the lists of adapters, IP addresses and protocols, increase the size of HTTP cache, and also manually create some firewall rules for more precise tuning up of the firewall.
11. We are recommending to set up DHCP server on RusRoute firewall LAN adapter for automatic IP addresses assignment for LAN devices. For example if RusRoute firewall is using address 192.168.1.1 with mask 255.255.255.0 (/24) for LAN adapter, then you can select LAN adapter for DHCP server on DHCP servers page and use IP adresses pool of 192.168.1.2-192.168.1.254, mask 255.255.255.0 for it, press Apply.
12. You can view some information about the network traffic passing through the firewall on the "Protocols | Common logs" page. Without invoking complex technology description of RusRoute firewall, we're letting you know that TCP connections, both incoming and outgoing, are redirected to local ports 10001-10003 at first, new outgoing connections with IP addresses and ports substitution are passed to the next destination later. Therefore, the RusRoute firewall's working for TCP is like a transparent proxy with effect of real routing. For other protocols the network packets are moved between adapters like a real routing do it.
13. For authorization of users in the RusRoute system, web-http access for browser to the port 10000 of firewall (protocol "RusRoute http authentication") and Captive Portal redirect of HTTP protocol (80 port) for not authorized users to a port 10000 are used for authorizaton.
For example, if the RusRoute firewall address is 192.168.1.1 and subnet mask 255.255.255.0, then users from this subnet mask can access it using their browser by typing http://192.168.1.1:10000 in the address bar or making this address page their start page.
You can also authorize by using address http://127.0.0.1:10000 from the RusRoute firewall PC.
14. The registration indformation is entered in the About page.
15. Good luck you to set up and using your network !
PS: Description of set up and tuning up the internal local area network is not for this article’s subject. In short, the simplest way to use the RusRoute firewall program is to use the next settings: for network adapter connected to local area network use IP address 192.168.1.1, subnet mask 255.255.255.0 and the gateway IP and DNS to leave blank for LAN adapter, but for Internet adapter use the usual settings for IP address, gateway and DNS server IP. You have to use unique addresses in the range 192.168.1.2-192.168.1.254 for network devices cards connected to LAN and use default gateway IP and DNS IP as a RusRoute firewall internal IP, that is 192.168.1.1. And you also have to make a setting in RusRoute (in the 13th step of firewall rules Wizard) to redirect PCs DNS requests of LAN to the external DNS server IP, recognized by the system. Set startup page http://192.168.1.1:10000 in the PCs' browsers connected to the local area network.
The next, you can not set up explicit TCP/IP parameters on users computers (IP address, mask, gateway, DNS) if you start build-in RusRoute firewall DHCP server as described in 11 step of this description.