[SLUG] Re: Firewall Device Opinions
Glen Turner <[EMAIL PROTECTED]> uttered the following thing: > > The DMZ might be a problem for the WRT54GL since they only > have three routable interfaces (wireless, "Internet" and > "LAN"). I don't think that the four 100Base-TX ports are > independently routable. > They certainly are. Depending on the exact make/model, every single port (all 5) can be configured as a separately routable inteface if you want. (Yes there are 5 - the WAN port is just configured by default on its own VLAN as the outside interface) The only thing to keep in mind is that traffic _routed_ between separate VLANs is trunked through a single (internal) 100Mb port. Traffic on the same segment is fully switched though. > I'm very impressed by the OpenWRT software -- the packaging > is really well thought out and it is a joy to use. We use > it for a access points, since we want them to run IPv6, which > isn't supported by the manufcturer's firmware. Yup - the software is very good. It's really nice to see a debian/apt style system. eg 'ipkg install nmap' and it downloads and installs automatically. BB -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Re: Firewall Device Opinions
On Mon, 2006-07-10 at 10:02 +0200, Ben Buxton wrote: > I've just installed an Asus device running OpenWRT to replace my home > gateway box, and I'm very impressed. Which device did you use Ben? I've been wanting to try this out with the WRT54G but could only purchase a newer version (v5) than was supported at the time. This makes it a bit hard to use on an ongoing basis. Maybe Asus's device have a more stable hardware selection. -- Simon Wong <[EMAIL PROTECTED]> -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: Firewall Device Opinions
Phil Scarratt <[EMAIL PROTECTED]> uttered the following thing: > Hi > > 1. OpenWRT on a Linksys device > 2. Small form factor pc with some sort of solid state memory running linux. > > The only caveat is that it (the fw) has to allow for a DMZ, and may have > to run multiple internet (WAN) connections (I am currently > investigating/googling whether an OpentWRT device can do this) in the > future. Otherwise fairly straight forward. This is for a business > environment. I've just installed an Asus device running OpenWRT to replace my home gateway box, and I'm very impressed. It gets full line rate on a 6190/768 ADSL line with pptp, including NAT, firewalling and IPSec tunnels. Also has two USB ports (eg for storage, etc) More good news - all of its 5 ethernet ports can be partitioned into separate logical interfaces, so you can create DMZ VLANs hanging off it. http://wiki.openwrt.org/DemilitarizedZoneHowto And thus you can also create multiple WAN interfaces. Of course, it's silent. BB -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
