SmoothWall
I must say, I’m rather dissapointed with my “SmoothWall experience” so far. I’ve been tasked with setting up a SmoothWall firewall/proxy machine at work, and from what I’ve read, it’s like the best thing since sliced bread.
Unfortunately I cannot agree.
The installation tends to go fine, it partitions the hard disk by itself, installs fairly fast, then steps through a simple setup ‘wizard’. Here we are prompted if we want to enable or disable ADSL. Now, I want SmoothWall to connect via our ADSL line. BUT, it seems the developer’s idea of “ADSL” is in fact “USB ADSL Modem”.
Anyway, after figuring that one out, and after much shuffeling of subnets and IPs between the router, SmoothWall, and my PC, I finally get it to use the router as a gateway. I try visiting some sites - DNS lookups fail. I take a look in all the log options on SmoothWall, and find the firewall is blocking DNS traffic, and is trying to route everything through the same (”Green”) NIC, rather than the second (”Red”) one.
Sooo, turns out I can fix this by running the “setup” tool again, and ‘pretending’ to change the IPs, so it resets everything (re-writes the firewall rules maybe?). Cool, everything’s working again. Not quite.
Seems after that, the proxy magically stops working alltogether, so from the web interface, I just disable it, and re-enable it. Cool, everything’s working now. Riiiiight.
A few hours later, suddenly the internet is dead. Hmm, seems the firewall is blocking all traffic again and routing though the same NIC. Sooo, I repeat the whole IP change/reset, proxy reset, etc, and everything’s cool.
A few hours later I find myself repeating the whole procedure again.
This is seriously lame, having to practically reboot the entire machine every few hours. So I think maybe I’ll try to set up a PPPoE connection. So I go and configure the router correctly, test ‘dialing up’ with my machine in XP, all’s cool. Now to set up SmoothWall. Running the setup tool again lets me set the “Red” interface to “PPPoE”, and that seems done. Now where do I put my username and password to dial up?
Aparrently the “ppp settings” page of the web GUI is where it’s done. Now excuse my ignorance, but this looks like a modem dial-up page, asking for phone numbers, which COM port my modem is on, etc, etc. A bit of searching around the rather un-helpful support forums, reveals that this is indeed where you need to configure PPPoE usernames and passwords. Just leave all settings alone except for login details.
I give it a shot, tell it to connect, nothing happens. Check the logs, and not surprisingly, it’s trying to connect via ttyS0 (COM1).
Now, aparrently there’s supposed to be an option to select the correct interface in the drop-list where you select which port your modem is on, on the “PPP Settings” page, but for some magical reason this does not exist for me.
Unfortunately their forums are also not very helpful it seems, and even after composing a very descriptive help request, I get a rather sarcastic “RTFM” response for a subject not covered in the manual.
Basically the manuals are not up to scratch, the support forums are full of leetbois, the options in both the setup tool and web UI are obscure, and the whole thing is bloody useless, needing a darn reboot every few hours. WTF.
I’d love to send the whole thing to hell, but unfortunately I have to get it to work. *sigh*
Update on this; seems it needed a few reboots and re-setting the settings a few times to make them ’stick’, and for the web GUI to allow the selection of “PPPoE” as my PPP connection interface.
Yay.
A cloooo. You should be using the Smoothwall as a DNS cache, not trying to bridge DNS through it’s NAT to your ISP or some such crack.
If you’re using “ADSL” via ethernet PPPoE then you’re not using ADSL, you’re using Ethernet PPPoE. So it’s rather obvious to “Disable” “ADSL”, then in the network selection system assign the correct network cards to the Red/Green interfaces as needed.
I’ve never had problems like what you explained, I have a feeling you didn’t read the FAQ’s before installing
-Regards
Colin “Karnaugh” “The Smoothwall Fanboy” Alston
Yeah somethings definately wrong, I use smoothwall wherever I can and havent really had anay problems @ all.
I once had problems like you mentioned with it not letting you go on the net, so I stuck another NIC in and that solved the problem. It was the onboard realtek 8139 giving a problem somehwere. What I dont understand though is that the replacement card had the same chipset :/
Faulty onboard card I guess
Thats really unbelievable, we have a network of 7 smoothwall 2.0 express boxes running VPN’s to our head office in cape town for the past 18 months with not 1 hiccup. The only problems we experienced were due to Telkom and even with that, at least the smoothie was able to supply us with detailed logs on the PPPoE client.
We also run really rubbish machines (Pentium 133) although we insist on intel cards…we also have a load of mods installed including custom scripts to switch dialups and its the most reliable setup I have ever worked on, I think your problem may be related to PEBKAC.
Well you probably have a few dedicated network admins on all side of your network as well ;).
At my time of writing the article above, I had never used SmoothWall before, I knew nothing about PPPoE, and I’m not a network admin :). My article is also about the installation and setup, not something that’s been running for 18 months.
Anyway, everything’s up and running perfectly as I mentioned in my first comment, and has been running well for the past 2 and a half months. I just had some learning and noobness to get over :).
I’m a Smoothie fanboy mysefl. But I will agree that the webforums are solely for the converted, fellow fanboys. And if you think the reception is cold on the webforms, you should try asking questions like yours on their irc channel. Watch out! Plenty of interesting scuttlebutt on /. Old news though about the attitude of the Smoothwall Mafia.
They believe.
I have to agree that the setup is not so obvious as to be foolproof, and somewhat confusing, as you noted in describing the ppp config page. But it is in the docs ….somewhere…and the docs are…well like the setup…not so obvious. They are written as though you ought to read them through completely once, then refer to the pertinent sections as you install. And a pretty decent network skill level is always handy to have, as well as dealing with manually configuring network cards and their module parameters, if you’re using older ISA boards.
The price is right though an once it is up and running, as long as your hardware holds up you’ll have a trouble free firewall and router box. Ive had uptimes in excess of 150 days.
Well if anyone’s interested (highly doubtful :P), this SmoothWall installation has been removed, since after I left the branch (to moev to Jo’burg) I installed it in, the 3l33t ‘admin’ person who took over my duties insisted it was causing internet slowdown. Which is complete crap, since it was running perfectly until the day I left.
*sigh*
We are intersted…
As one who has run Smoothwalls and installed them everywhere for almost 5 years, I can testify it’s awesomely reliable. As for the nobishness on the forums, your wrong… Like a lot of the net, it’s more like club ambiance.
Face it, hav’in a Smoothie is like… well, hav’in a pint or two at the pub. It’s a club. The help’s free and so is the product. When was the last time you ever walked into a brood full of regulars and asked “eh.. who got the fastest car here?”. Ol’ Johnny winks at his buddy and says to you “what’s that hunk-a-crap you drive anyway?”
…like it or lump it, if you stick around the forums long enough, you’ll get some good ole humour and be modding your smoothwall just like the rest of us. Chill out mate, them Aussie and UK blokes are downright fun!
We are sorry you got miffed though.