Good Afternoon, I was hoping to get some assistance.
I have a brand new MX65 Im trying to deploy on a very small network. The current flow is as follows:
Modem -> Router -> Switch -> Clients
I want to deploy as follows (This is for a single retail store with minimal data to protect):
Modem -> Firewall -> Router -> Switch -> Clients
Im looking to ensure basic port forwarding, firewall rules, and client VPN. What is the best way to configure this? It appears I have an option to make it either L2 pass-through or L3 routable.
Can I do L2 and have it work with basic firewall functions and Client VPN setup? Or do I have to do it L3?
Also, is there any cabling differences between the two? I have WAN going to the model, and port 1 on the firewall going to the router.
Firewalling and client vpn are possible in passthrough mode. But port forwarding makes no sense as the MX is not actually routing in this mode. Take a look at this link:
Have you thought about outright replacing the router by the mx?
Ive seen that page, but most of them seem to lack significant detail.
Anyway, I was reading a section that mentioned I should make the MX65 the default gateway for all of my client's. Is that correct?
That's only the case if it's in router mode and if it's the first router passed on the path to the internet. If you would deploy it Internet -> MX -> Router -> Switch then the router would be the default gateway.