> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> On behalf of Willy van Gulik

Hi there.

> 1 Feed to the internet (let's call it FEED1) where I got several public
> unfirewalled servers (mail, web, whatever)
> 1 Other Feed with another ISP (let's call it FEED2) where I also have
> some servers that I commonly access and
> 1 Private network area for the office, with currently a Linux box, with
> 3 interfaces to access both networks.

Having pointed out some details here, I'd say most of those little commercial firewalls are not sufficient anyway.

> Now, I want to
> - set up a firewall to protect my boxes on the FEED1, without (if
>   possible) changing the IPs of the servers (too much mess and time loss
>   and unknown factor with strange services and daemons)
> - set up a VPN to access my private network
> - keep an access to my network with FEED2 at 100 MBytes/s (a lot of file
>   transfers are done to these servers)
>
> Some products kept my attention, as a PIX-515E-UR-FE-BUN (6 eth,
> unrestricted licence) and Juniper Netscreen-204 (4 eth)

I must admit I don't really know these black boxes and therefore I do not trust them anyway. My suggestion is to get a decent PC (or Sun), fit it with enough NICs and go build your own firewall with a BSD or Linux, whatever your favorite is.

I've seen a firewall connecting four different networks, making NAT on one of them plus managing an IPSec-Tunnel and being a VPN-Server as well. The machine was a P350 or something, 512 MB RAM and was running FreeBSD 4.x. Ran like a charm.

Of course you need to know what you're doing, but you need that with any firewall and IPFW isn't that difficult.

CU,
Venty
