On Fri, Sep 30, 2005 at 09:51:21AM -0400, David Zakar wrote: > Does anyone have any recommendations for a good, enterprise-class > router? At the moment we're using a Juniper router, which has excellent > management capabilities, but this awful limitation to only letting out > 10 machines at a time. Firmware upgrade to unlimited machines is $800, > so I'd prefer to stay somewhere under that.
Sounds to me more like you're looking for a NATtin firewall. > I am _not_ interested in screwing with iptables or ipfwadm all day, so > please do not suggest a generic Linux or *BSD box, unless there's some > sort of _really amazing_ front-end that you'd like to inform me of. I > have way too many other things to do to waste my time with arcane > firewall rule syntax. fwbuilder > My requirements are: > 1. Must do NAT. Yup. > 2. Must be able to do port forwarding, including doing access control by > _hostname_ (ie, DynDNS hostnames must resolve properly. I can live with > four hour refresh intervals for hostnames, though.). I would find it a > nice bonus if it could forward certain groups (see below) to certain > machines, but that's icing. This is not a good idea at all (spoofing DNS is trivial), but it is possible that fwbuilder can support this. > 3. I would really love something which has an object model, so I can > connect logical names to hostnames and IPs (ie, DMZ has IP > xxx.xxx.xxx.xxx, John has hostname johnsbox.dyndns.org), and throw > together groupings of objects. fwbuilder does this. > 4. To keep this on-topic, must be "Linux compatible". I would prefer > something running Linux on the backend, but I need something that works > well more than anything. Ditto. > 5. Web-based GUI. I'm busy and lazy. Not web-based, but GUI nonetheless. Ben -- Ben Stern UNIX & Networks Monkey [EMAIL PROTECTED] This post does not represent FTI, even if I claim it does. Neener neener. UM Linux Users' Group Electromagnetic Networks Microbrew Software
