Re: Confused about low-end hardware firewall..
From: RT (russandsandy@no.slimey.spammers.attbi.noteven.com)
Date: 01/11/03
- Next message: INVALID: "Re: One Easy Way to tell if your system is hacked/owned"
- Previous message: RT: "Re: One Easy Way to tell if your system is hacked/owned"
- In reply to:(deleted message) Leythos: "Re: Confused about low-end hardware firewall.."
- Next in thread: Ric Griffy: "Re: Confused about low-end hardware firewall.."
- Reply: Ric Griffy: "Re: Confused about low-end hardware firewall.."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "RT" <russandsandy@no.slimey.spammers.attbi.noteven.com> Date: Sat, 11 Jan 2003 08:12:35 GMT
Firebox 700 would be more than enough.
If you don't want to change the server IP's, you can configure it in
"drop-in" mode - all interfaces share the same base IP/subnet and the box
proxy ARPs everything, but we generally don't recommend that.
RT
"Leythos" <void@nowhere.com> wrote in message
news:MPG.1888009e240be8de989930@news-server.columbus.rr.com...
> In article <7282be9f.0301091745.66c18575@posting.google.com>, damon-
> mail@cybermagic.co.nz says...
> > Hi there,
> > I'm having trouble choosing a hardware firewall for a satellite
> > small office/web system. I want a simple/cost-effective solution
> > (maybe dlink, smc, linksys etc). I have two co-located servers running
> > a range of services including mail, web, dns, win2k ads and possibly
> > others in the future..
> >
> > The servers are hosted at an ISP and accessed by windows roadwarrior
> > clients, web users and one (for now) satellite office with a win2k
> > gateway server running ADS. I have 16 external IP addresses from my
> > ISP bound directly to the NIC in each co-located server. I am using
> > default Win2k VPN now but VPN in hardware would be desirable.
> >
> > I want to put in a firewall that can bind the 16 external addresses,
> > perform simple packet filtering and then route valid packets to the
> > two servers.. I would prefer not to change the servers to internal IP
> > addresses (192.168.x.x) if possible. Good flexible logging and even
> > bandwidth usage would be desirable. I don't need fancy intrusion
> > detection/SPI.
> >
> > The closest product I have found to suit my needs so far is:
> >
> > http://www.dlink.com/products/broadband/dfl300/
> >
> > However it appears to only let me define 1 external static IP address.
> >
> > Any suggestions?
> >
> > Regards,
> > Damon Rand.
> >
>
> You can not do what you want with a Home User router - you really need a
> firewall. Get a Watchguard - if you don't need a lot of users you can
> get a SOHO, if you want a full subnet inside you will have to get a
> Firebox 2500 or better.
>
> I have a bunch of FB2500's around the US - easy to install, fast VPN,
> etc...
>
>
>
> --
> --
> Leythos999@columbus.rr.com
> (Remove 999 to reply to me)
- Next message: INVALID: "Re: One Easy Way to tell if your system is hacked/owned"
- Previous message: RT: "Re: One Easy Way to tell if your system is hacked/owned"
- In reply to:(deleted message) Leythos: "Re: Confused about low-end hardware firewall.."
- Next in thread: Ric Griffy: "Re: Confused about low-end hardware firewall.."
- Reply: Ric Griffy: "Re: Confused about low-end hardware firewall.."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
