Re: Why you have hardware firewalls

From: Arthur Hagen (art_at_broomstick.com)
Date: 04/06/05


Date: Wed, 6 Apr 2005 11:24:29 -0400

Leythos <void@nowhere.lan> wrote:
> On Tue, 05 Apr 2005 23:07:44 -0400, Arthur Hagen wrote:
>>
>> Leythos <void@nowhere.lan> wrote:
>>
>>> One other thing - Many routers, as mentioned before, have limited
>>> ability to block IP's and some can't block ranges (x.x.x.x/24), some
>>> can't block IP/ranges at all.
>>
>> If it's a router, it can do routes. If it can do routes, you can
>> route the range away. Not the same thing, I know, but it's BTN. :-)
>
> Ah, but many routers today, the SOHO units that provide NAT
> protection, are routers, but are not setup as basic routers, they are
> setup for home users, so the distinction is needed. Linksys routers
> can be setup as a router and even block, but it would disable all the
> home user easy functions and most home users would never be able to
> get to the internet at all.

You're saying that as if it was a bad thing!

-- 
*Art


Relevant Pages

  • Re: ISPs?
    ... Our border routers run Quagga but we are in the ... We are using Network Appliances from portwell as ... will receive full routes. ... my internal route server from distributing the routes into the network. ...
    (freebsd-isp)
  • Re: routing problem
    ... setting up routes after the connection is made. ... Here we hit the problem of mixing ISA and RRAS. ... > OK, unfortunately, I have to use the DC's as VPN routers. ...
    (microsoft.public.windows.server.networking)
  • Re: Load-balancing across four T1s on 2 routers
    ... Actually the L3 switch will only see 2 equal-cost routes. ... The firewall's' default gateway will be that layer-3 switch. ... also on 2 routers on the ISP's site. ...
    (comp.dcom.sys.cisco)
  • Re: bridging
    ... > establish two routes over the two separate physical devices. ... but it is two routes with the *same* physical device. ... Most all commercial grade routers have at least ... and the router determines which serial port the traffic is to go out of. ...
    (microsoft.public.win2000.networking)
  • Re: IPCOP OPENVPN side by side with router VPN
    ... the IPCOP distro doesn't allow it from the config webpage... ... your static routes should override anything the routers get via ... Secondly, if your ISP is using 10.* as part of its management network, ...
    (comp.os.linux.networking)