Hi, I have been using a Linux distribution router/firewall for a number of years for a small company. I have been aware of pfSense for a few years, but have never switched. I am now in the position that we are going beyond a few servers and will be running web and email servers for third parties. I am going to do a hardware upgrade and so I have a chance to switch. A couple of questions to try to get a sense of the differences.
Our layout: I would plan to install pfSense as the main router at the end of the ISP line. We have lots of public IP addresses which will be mapped to VPS servers behind this machine. I currently NAT all traffic, but was considering assigning the public IPs to the VPSs themselves to simplify things. Ranges of IP addresses have different subnets and gateways.

IDS and updates are provided for a fee for us right now. In a setup like this, is IDS a good idea? Or will it probably cause headaches locking some clients out accidentally? I would assume PFS is hardened to withstand attacks against it.

We have multiple WANs, but we run all traffic on one pipe and LAN traffic on the other, which has another firewall to separate it from the servers. Would running a firewall on PFS in this situation be a good idea? Or just run it as a router?

The failover sounds great, especially for a production environment. If I start with one machine now, can I add a second one later while things are running?

We have a 5mb line; is a quad core processor with 4GB of RAM overkill? I will want to do IP accounting.

Thanks for any info from the experts!

TonyZ
