Re: Network Firewall/Routing Solution

From: NetEng (cclark@trailersaver.com)
Date: 05/06/02


From: "NetEng" <cclark@trailersaver.com>
Date: Mon, 6 May 2002 10:44:32 -0500

MP-

Cisco router w/ Firewall IOS, will do everything you're requesting.

collin

"Marco Polo" <MarcoPolo@bdku.com> wrote in message
news:JdTA8.6240$Fr2.1578176@twister.kc.rr.com...
> Hi, and thanks for the time you're taking to read my post. I am looking
> for a good solution to route inbound and outbound traffic. I hate those
> firewall combo boxes that Linksys sells, and I really don't want to run
> software on every client. My approach is to have a computer stand between
> the networks and route at the same time protecting the internal with a
> firewall.
>
> I've used M$'s ISA Server 2000, and it works ok with the exception of
> not working properly at all with multiple network cards. I'm still
> working on a workaround. Might end up scripting configuration changes for
> the cards to move all IPs to one card after getting DHCP information. I
> hate sticking to M$ for this stuff, but I know very little about Linux,
> and I'd feel more comfortable using an OS I know all about in a firewall.
>
> I will need to deal with inbound web and ftp requests from the internet
> to four IPs (on four different network cards). It would be preferable to
> be able to filter the connections that are established to these IPs for
> things like Unicode and header information for http requests, and in the
> case of ftp, the port command so I know what outbound connection to allow
> for non-pasv connections. Based on the information gathered, the
> connections should be redirected to an internal server, denied entirely,
> or used to make a dynamic rule allowing an outbound connection from the
> ftp server. Logging capabilities are a plus, as well as real-time alerts.
> The ability to pass information about the alert to a script that could
> run a program or send an email is something I'm looking for too. I also
> would like to have it proxy web requests from the internal network to
> increase apparent speeds. I assume I could probably just use BIND for
> forwarding and caching DNS requests. It of course needs to support
> regular NAT clients, but as that is a long standing standard, it probably
> isn't an issue. As I often use NetMeeting, and plan to purchase a couple
> IP phones, the ability to act as H.323 gatekeeper would be excellent.
>
> As always, scriptability, and expandability via plugins I'd make myself
> are very important. This way, I'd be able to add in some of the features
> if the firewall itself didn't have them.
>
> I realize none of you are obligated to reply or even read my post, so I
> deeply thank those of you who can provide help, and suggest a solution
> that might work for me.
>
> Regards,
> Marco
>
>
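
The quoted post asks for a firewall that reads the FTP PORT command and makes a dynamic rule for the server's outbound data connection in non-pasv mode. The sketch below is an added example, not part of either post and not Cisco's or ISA Server's code; the function name, the rule dictionary layout and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 959: "PORT h1,h2,h3,h4,p1,p2" - four address octets, then the
# high and low bytes of the client's listening data port.
PORT_RE = re.compile(r"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})",
                     re.IGNORECASE)

def rule_for_port_command(line, client_ip, server_ip):
    """Return a one-shot allow rule for the active-mode data connection,
    or None when the command must not open anything."""
    m = PORT_RE.fullmatch(line.rstrip("\r\n"))
    if not m:
        return None                      # not a well-formed PORT command
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None                      # each field is a single byte
    addr = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]
    # The address must be the peer of the control connection; otherwise the
    # server could be pointed at a third host (the "FTP bounce" problem).
    if addr != ipaddress.IPv4Address(client_ip):
        return None
    # Refuse privileged ports so the rule cannot target well-known services.
    if port < 1024:
        return None
    # Assumption: the server sources active-mode data from TCP port 20,
    # the conventional ftp-data port.
    return {"action": "allow", "proto": "tcp", "src": server_ip, "sport": 20,
            "dst": str(addr), "dport": port, "once": True}

# Constructed sample data (documentation address ranges, not from the thread).
CLIENT, SERVER = "203.0.113.7", "10.0.0.21"
SAMPLES = [
    "PORT 203,0,113,7,19,137\r\n",   # client's own address, port 5001
    "PORT 10,0,0,5,19,137\r\n",      # address differs from the control peer
    "PORT 203,0,113,7,0,25\r\n",     # privileged port 25
    "RETR report.txt\r\n",           # unrelated command
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", rule_for_port_command(s, CLIENT, SERVER))
```

Only the first sample yields a rule; the other three return None, which is where a deny, a log entry or an alert script would hook in.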


