Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
FD-23
Explorer

Replacing a M390 Firebox with Check Point 1500

Hi,

We are changing our ISP to AT&T and told them we do not need a firewall or wireless capability. (We have both already)

So they sent us a CheckPoint 1500 that has firewall and wireless capabilities.  

With our current ISP configuration we have a M390 firebox with full Security Suite that connects into a Cisco 4321(current ISP equipment).  The Cisco 4321 connects into a ACCEDIAN unit (current ISP equipment). The ACCEDIAN unit connects into the CIENA on our wall where the demark is located. 

I think I know how to turn off the firewall and the wireless functions on the CheckPoint 1500.  What I don't know (and so far, no one at AT&T can tell me) how do I (and where do I) connect my current firebox into the Checkpoint 1500 so we will have internet connections. 

When I do a tracert on my current system, It hits the layer 3 switch first, then the M390 Firebox, the Cisco 4321 with ISP's gateway, and then the internet.  This configuration has worked great and we really don't want to change it.  (And in our AT&T meeting, we were told we did not have to change it)

So far, I have the CheckPoint on another circuit on the CIENA and the WAN connection. Using the static information and the gateway given to us by AT&T, the Wan is connected.

(By the way, I have my firebox set up with another external connection with the correct cidr notation and the gateway that AT&T supplied).

Just that final piece of connecting our firebox's new external connection with the CheckPoint 1500 is all we need.  We then can bypass the current ISP's equipment and conclude our testing before we formally discharge the current ISP.

Thank you advance for your suggestions and expert advice.    

FD-23

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

I forked this question from a comment you made on an unrelated post and edited the subject.
If it is not accurate, please edit it as appropriate.

In general, you should be able to plug the WAN port of your existing gateway into one of the LAN ports of the 1500.
That assumes your WAN on the other box is configured to obtain an IP via DHCP, otherwise it will need to be configured to be consistent with your LAN addresses on your 1500 Series.


0 Kudos
the_rock
Legend
Legend

Here is, in my opinion, best way to do this...call your ISP provided (AT&T) and have them configure your modem to bridge mode. Once done and box reboots, plug cable from LAN port (as bridge mode would leave just default (lan1)port available) to WAN port of 1500.

As @PhoneBoy said, depending how its configured, make sure it uses either assigned static IP or whatever config is given to it.

Hope that helps.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events