Westell Versalink and Cisco Pix 506

Ok here’s one where google failed me.

My last two weeks have been consumed with our office move. It’s been a juggling act of contractors, furniture vendors, and that big snuggly bear, Verizon. Yesterday was the big day and after several long hours getting equipment unpacked and installed, the last step was to connect a Westell VersaLink DSL modem model B90-327W15-06 to our Cisco Pix 506e and the rest of our network. I tried to save us a buck by not having our normal tech contractor there for the move (extra $ for the Christmas weekend). Bad idea. I spent much too long trying to figure this out myself and surprisingly when I called Verizon I must have gotten the only competent technician they have. Here’s the steps on the off chance anyone else out there has this same problem.

  1. Connect a computer to the modem. Follow the Westell manual instructions for accessing the configuration page. Go to Advance >> Wan >> Multiple PVC.
  2. Edit the first VC. Select Bridge and Bridge. (The manual said to use Routed Bridge for the second option.)
  3. The modem will save settings and restart
  4. Click the Lan Tab and select Private Lan. Disable this feature and save the configuration.
  5. At this point the computer will no longer be able to access the modem configuration page.
  6. Connect to the Pix, via hyperterminal and a console cable (helpful instructions here)
  7. Click enter to get the pix prompt
  8. Type Enable. Enter your password.
  9. Type Configure Terminal.
  10. Type IP Address Outside x.x.x.x where x.x.x.x is your Verizon-assigned ip.

At this point you may want to try pinging an outside ip from the pix and from a computer behind the firewall to confirm that you can access the internet. If you have trouble you may also need to check you routes(helpful instructions here). If everything is working type WR M to save the configuration to memory.

PHPBB Security

After getting a noticeable up tick in spam despite implementing a new spam filter (GFI Mail Essentials), I did a simple google search for my email address to see if it was being published somewhere. Sure, enough I found it on the memberlist.php page of a PHPBB forum we are testing. Simple fix was to just rename this file so that it wouldn’t be a treasure trove for spammers any more. (Though only closing the barn door, one might say.) I was surprised that I could not disable this list from Admin menu. Google also helped me find a nice article about securing PHPBB on somewhat ironically, a .Net developer site. I say ironic not because PHPBB uses open source code and .Net is arguable proprietary, but because the reason we have this test forum was to integrate it with a .Net site. Spooky, right?