Thanks for all the responses. As suggested, I will start and test with just 2
NICs. With Linux, I am finding that I often, and unknowingly, put the horse
before the cart, or 2 horses and no cart. Ok, no worries, I will report back
once I have IPCop working.

----- Original Message -----
From: Gustin Johnson <[EMAIL PROTECTED]>
Date: Monday, November 14, 2005 11:10 pm
Subject: Re: [clug-talk] firewall

> D Bhardwaj wrote:
> > So I decided to take a break from the server stuff and instead do a brick and mortar firewall.
> > So, message is try IPCop, it is too simple.
> > I install it, suddenly to be confronted with what looks like a colour coded boxing match. In the green corner all is safe so put a server there, stay away from the red corner, the blue is for wireless and orange for your web server.
> > Simple, but now be prepared to find up to 4 NICS! Do I have that many slots? Different nics, either with drivers or which probe can detect. Configure with static IPs, disconnect from the 'net. Do I need blue? Can orange and green go together?
> > Why did I get rid of those old nics, maybe I have some old 10mbit ISA somewhere. Will they work?
> > 
> You don't need all 4 zones.  Typically I use only 2.  For a web server
> you can port forward ports 80 and 443 to the web server.  Really the
> firewall configuration is dictated by your network size, layout, and
> security policy.  How many workstations are connected, how many servers,
> do you have static IPs (on the outside, ISP facing zone, which I am
> guessing is the Red one).
> 
> Firewalls are not nearly as simple as they appear, especially when they
> have routing tasks.  If you have time to burn (actually it is time well
> spent) check out http://lartc.org/ which is an overview of all the
> things a linux router can do, which is a lot...
> 
> I am not sure why you would need different cards, but I would stay away
> from ISA.  VFX has a boatload of 3com and sometimes Intel Nics for cheap.
> 
> To avoid the headache of using multiple cards, I am waiting for one of
> these:
> http://www.routerboard.com/rb44.html
> 
> Handy since the firewall I am building does not have a lot of free slots
> (actually it only has 2 in total).
> 
> > Is this normal? Do others have the same experience?
> > 
> > Dharam


