angill Tux's lil' helper


Joined: 26 Aug 2003 Posts: 87 Location: Ohio
|
Posted: Thu Sep 11, 2003 4:43 pm Post subject: Best firewall to use for a corporate environment |
|
|
Currently I run Road Runner's "Guardian Firewall/VPN access" that is installed on my Cisco router and controlled by Road Runner support. My ideal goal would be to eliminate that service from them and put a Gentoo box between my router and my hubs to control network access. I have read quite a bit about home users sharing internet connections, but this is in regards to a 30 user network. _________________ what if the hokey pokey is what it's all about? |
|
Beaker n00b


Joined: 22 Apr 2003 Posts: 26 Location: Raleigh, NC
|
Posted: Thu Sep 11, 2003 4:51 pm Post subject: |
|
|
I think the answer will depend on what services you need to make accessible to the outside world. Your post suggests that you currently allow VPN access. Would you still require that? What about an email server or web server?
If you just want to enable internet connection sharing, then a Gentoo box running iptables or a *BSD box would probably be fine. (I know, I know - this is a Gentoo forum, but I hear lots of good things about *BSD too).  |
|
angill Tux's lil' helper


Joined: 26 Aug 2003 Posts: 87 Location: Ohio
|
Posted: Thu Sep 11, 2003 6:49 pm Post subject: |
|
|
I do run VPN access in from the outside, as well as run a mail server from the inside. I'm just tired of having to call them just to add access to a certain port so someone in my office can connect to something. _________________ what if the hokey pokey is what it's all about? |
|
pmjdebruijn Guru


Joined: 24 Jul 2003 Posts: 506 Location: Sittard, The Netherlands
|
|
paranode l33t


Joined: 06 Mar 2003 Posts: 679 Location: Texas
|
Posted: Thu Sep 11, 2003 9:54 pm Post subject: |
|
|
If you don't mind learning something new, OpenBSD is really good for this stuff. Of course, Gentoo will work also, but OpenBSD's pf (packet filter) is much easier to learn than iptables. _________________ Meh. |
|
EvilN n00b


Joined: 13 Feb 2003 Posts: 47 Location: Stockholm, Sweden
|
Posted: Sat Sep 13, 2003 6:22 pm Post subject: |
|
|
Yep, OpenBSD's packet filter (which is really much more than a packet filter... stateful, priority classing and such) owns iptables (my opinion of course). Also, OpenBSD is pretty hard in the default install, so you don't have to be a security wizard to turn off services and patch forever (although a normal OpenBSD release seems to get around 3-10 patches during its lifetime, excluding packages).
Absolutely my first choice for firewalls or any server directly connected to the internet.
That is, if you can get it running at all... OpenBSD's HW support is REEEAAALLY bad.
Check those compatibility lists before even trying. _________________ Juniper Networks Certified Internet Associate
JNCIA-M #0090 |
|