[Gloucs] New router advice

[Simon Lewis]

On 27 Dec 2006, at 18:50, Paul Broadhead wrote:

> Not strictly Linux but you folks are a knowledgeable bunch...
>
> I currently have a Smoothwall box performing the router/firewall
> function on my network.  It's an old PC, it will break one day and  
> it's
> consuming lots of power being on 24/7.  I was thinking of replacing it
> with a small, lower power box from the likes of Netgear or D-Link.
>
> The problem is is they don't appear to be as good.  The main feature
> they appear to lack is a proper demilitarized zone (DMZ), i.e. one  
> that
> makes use of a separate subnetwork.  Smoothwall not only fully  
> protects
> the DMZ only allowing through ports you specify, but also allows  
> you to
> provide controlled access into your internal network should you wish.
>
> The boxes I've looked at so far allow you to "fully expose" a  
> machine to
> the WAN side but the "DMZ" machine will have full internal network
> access, doesn't sound very DMZ to me!
>
> Any experience out there that can help me find what I'm looking for?
> Alternatively, a recommendation for a small, cheap, low power PC that
> can run Smoothwall with three network ports would be great.
>
> Regards and happy Christmas,
> Paul


Hi Paul,

In terms of DMZ, all purchased routers tend to do is allow full port  
forwarding to one IP.  Not a proper DMZ but its only for home...

If you ensure that your local machines have a firewall and are fully  
patched against the services they export outside of the NAT you  
should be ok (#1).

In terms of buying a solution: Linksys (Cisco) and Netgear and Belkin  
seem to be reliable.

If you have trouble with QOS put a m0n0wall box in.... works a treat.

Hope that helps,

Simon

#1. I stand to be corrected ;)