Configure a Firewall with an RV50

Good Afternoon,

We’ve been trying to get this up and working but no such luck…

All we want is for the ethernet port of the RV50 to plug into the external interface of a Watchguard firewall.

The watchguard firewall will assume the public IP of the RV50 and handle NAT/ping/port forwarding rules.

We have the RV50 configured to pass traffic through with the Public Mode setup option.

Public Mode is similar to IP pass-through. When Public Mode is enabled, by
default the Public Mode host becomes the DMZ host. Public Mode is required
when the connected device needs a routable IP address and has no other
connection to obtain it.

The watchguard firewall external interface is setup to a static IP of the RV50’s public IP address.

thanks!

This is the same thing I need help with.

I am not very happy with the lack of support you are able to get from Sierra Wireless.

Nobody has answered this request from MARCH???

Have you had any luck configuring this?

I’m looking to do the same with an RV50 connected to a SonicWALL.

If you haven’t found an official answer the below steps should get this to work for you. It took some time to figure out so I hope it helps you save some time. I’m running ALEOS Software Version 4.9.3

  1. Make sure you have an external static IP from the cellular provider linked to your SIM (typically requires a correct APN to be set) This can be done under WAN/Cellular>Cellular>SIM Slot X Configuration>User Entered APN
    2.If you want the firewall to respond to pings rather than the modem go to WAN/Cellular>General>Ping Response>Response to Incoming Ping>Set to Pass to Host
  2. Under LAN>DHCP/Addressing>Expand IP Passthrough>Set the following:
    IP Passthrough: Ethernet
    IP Passthrough Mode: First Host
    IP Passthrough Subnet Mask: 255.255.255.0
    Reset Host Interface: Enable (hands off public IP to a newly connected device if modem is rebooted)
  3. Under LAN>Ethernet>Expand General>Set DHCP Mode to Auto
  4. Under Security>Port Forwarding>Set the following:
    DMZ Host: Automatic
    Port Forwarding: Disabled
  5. Set WAN interface on firewall to DHCP (Do not statically assign IP)
  6. Reboot the modem after all these changes and ensure your firewall WAN port is the first device connected to the RV50

Let me know if that works for you. Hope it helps others too.

Hey, I followed all the steps you outlined, but still get no response to ping, or port forwarding, any ideas?

Aleos version 4.9.3

On the Status > Home > Active WAN IP Address page do you see a public IP address? If it appears to be in the private schemes (10.x.x.x, 172.x.x.x, or 192.x.x.x) this means you don’t have the correct provider account to pass internet based traffic to the device behind the RV50. You will need to talk to your account rep to establish a static IP setup. Typically this will have a $500 setup fee if this is a first for your account.