[sclug] Linux Firewalls and ADSL
Alex Butcher
lug at assursys.co.uk
Tue Jun 8 15:26:14 UTC 2004
On Tue, 8 Jun 2004, Steven Lane wrote:
> I am looking into building a linux firewall router to act as a border to my
> network. I have been allocated five fixed IP addresses. I want to build a
> DMZ where I wish to run webservers. Additionally I want to be able to
> connect from another Internet location over a VPN to my Windows 2003 server.
> Internal addresses need to be NAT'ed.
>
> I was looking at smoothwall and IPCop. Has anybody got any comments on
> these products or recommendations regarding other Linux firewall distro's?
Astaro Security Linux <http://www.astaro.com> is very good, and full of
useful features but might be a bit too over-engineered for non-security
specialists.
v5 seems to have a bit of a problem with getting the ethernet cards mixed up
between install time and first boot, which is a pain (as you then either
need to recable, or frig around with the bare config files).
> I was looking at putting an ADSL PCI card in the firewall to connect to the
> Internet. Does anybody have any recomendations for supported ADSL cards?
There are at least a couple that are reputed to work:
<http://www.dabs.com/uk/Search2/Product+Details.htm?quicklinx=33N7>
<http://www.thecaretaker.org.uk/drivers.htm#pci> is a good starting place
for drivers for this one and other suggestions.
<http://www.linuxdsl.co.uk/> using
<http://www.bewan.com/bewan/users/downloads/index.php>
When I looked into it, I decided it wasn't worth the hassle, especially as
lots of the drivers are (semi-)closed binary kernel modules which may or may
not continue to work with future kernel revisions. I went for an
Ethernet<->ADSL router. Now the prices are lower, I might reconsider. But
then, router prices have fallen dramatically too.
> TIA.
> Kind Regards
> Steve
Best Regards,
Alex.
--
Alex Butcher Brainbench MVP for Internet Security: www.brainbench.com
Bristol, UK Need reliable and secure network systems?
PGP/GnuPG ID:0x271fd950 <http://www.assursys.com/>
More information about the Sclug
mailing list