Shawn wrote: > If you are doing VPN via a Windows Server, then you only need port > forwarding of the VPN ports to that server. The IPCop box would NOT be > doing your VPN for you.
OK....problem solved on this as we are currently doing that with the cheap router anyways. > With the wireless you have options. Either set up a Blue zone on your > IPCop box, or just treat wireless as part of the local network (the > green zone). If you go with the latter option, then you need to make > sure the wireless router providing access is as secure as possible - > seeing as it would be bypassing your firewall. At this point we don't use the Wifi, but I can see it being used mostly for guests. It is possible that it could be used for temporarily adding extra nodes to the network, but not sure. If it were to be used for guests I would only really want to provide them with net access and nothing more. For extra nodes, they would likely need access to LAN resources. IIRC connecting a LAN port from the WiFi router to the green card would pass through any DHCP information coming from the network provide the router DHCP server was disabled. Now connecting through a blue NIC, is there anything special I need to do? Is it possible to provide the two levels of access? If I knew all the possible computers that would connect I would ideally filter by MAC, but will likely stick with a non-broadcast SSID and a pass phrase with WEP or WPA encryption (not sure what the wireless router is capable of) and provide the credentials to those who connect. > If you opt to do traffic shaping, I understand this to be less processor > intensive than proxying/filtering. But I don't have anything solid to > back that up either. > It would seem that you may be in a situation where you won't really know > if you have enough hardware to do the job, until you put it into service > for a bit. My instincts/experience tell me though that given your > initial list of requirements, it will not be enough. Of course, > changing your requirements would change that assessment... :) The thing is that this is an office of about 15-20 people (at max) and the traffic is primarily web & e-mail. I would have thought that a 1 GB CPU with even 256 MB RAM would have been more than adequate to handle that kind of load, but I could be wrong. I am basing this on the little gNet router that we are currently using now on a business DSL connection at the end of a long loop. I could be wrong though. _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
