
hardware recommendations


Hi,

Just upgrading to ADSL from FRIACO.

Ideally, I want to build my own firewall using an old box running Astaro (worth looking into for a firewall). Because this is a Linux-based system, I need a 'router' style device to connect it to the ADSL socket splitter.

Now, as I'll be using the Astaro box to do all the NAT and firewalling stuff, the requirement for the router is basically to present the single IP address on CAT5 ethernet and not to do NAT or firewalling itself - or provide a built-in switch/hub etc.

Anyone know of such a device (hopefully cheaper than an all singing and dancing NAT/firewall router)?

Thanks,

Steve
1 REPLY
N/A

RE: hardware recommendations

> Hi,
>
> Just upgrading to ADSL from FRIACO.
>
> Ideally, I want to build my own firewall using an old box running Astaro (worth looking into for a firewall). Because this is a Linux-based system, I need a 'router' style device to connect it to the ADSL socket splitter.
>
> Now, as I'll be using the Astaro box to do all the NAT and firewalling stuff, the requirement for the router is basically to present the single IP address on CAT5 ethernet and not to do NAT or firewalling itself - or provide a built-in switch/hub etc.
>
> Anyone know of such a device (hopefully cheaper than an all singing and dancing NAT/firewall router)?
>
> Thanks,
>
> Steve

These devices can actually be dearer.

The best way to go about it is to try and use a PCI or USB modem, though I don't know if any of these work with Linux.

Other possibilities include DMZ forwarding.

This is what I currently use.

I have 3 Linux boxes. To keep things simple, I wanted to just set up the Linux boxes, and use the standard ports. However, with one IP, they would not be accessible from the net.

So I decided to use port forwarding.

A lot of routers support this, but many don't support port ranges (including my own). This limits you to so many ports you can forward. Thus, with 3 systems requiring a total of 32 ports forwarding, with a router that only does 10, you're screwed.

Using the DMZ, all traffic is forwarded to one box, and using iptables, traffic is reshaped and sent to the correct machine.

This may not be what you want, but it's probably the best way about it.
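
The DMZ-plus-iptables arrangement described in the reply above, sketched as an added example that is not part of the thread: a script that turns a port map into an `iptables-restore` ruleset with default-drop forwarding. The interface names, the 192.168.2.0/24 LAN, the two-interface gateway layout and the sample map are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed topology: the router's DMZ
# setting sends all inbound traffic to this box on WAN_IF; the other machines
# sit on 192.168.2.0/24 behind LAN_IF and use this box as their gateway
# (net.ipv4.ip_forward=1). Interface names and addresses are assumptions.
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"

# Constructed sample map: protocol, port or first:last range, internal host.
sample_map() {
    printf '%s\n' 'tcp 80 192.168.2.11' 'tcp 8000:8015 192.168.2.12' \
        'udp 5000:5014 192.168.2.13'
}

# valid_entry PROTO PORTS HOST: succeed only for a well-formed entry.
valid_entry() {
    case "$1" in tcp|udp) ;; *) return 1 ;; esac
    case "$2" in *:*:*) return 1 ;; esac
    case "$3" in 192.168.2.*) ;; *) return 1 ;; esac
    lo=${2%%:*}; hi=${2##*:}; oct=${3#192.168.2.}
    for n in "$lo" "$hi" "$oct"; do
        case "$n" in ''|*[!0-9]*) return 1 ;; esac
    done
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ] &&
        [ "$oct" -ge 1 ] && [ "$oct" -le 254 ]
}

# gen_rules: read map lines on stdin, print an iptables-restore ruleset.
# Any invalid line aborts with no ruleset printed, so a typo never loads.
gen_rules() {
    nat=""; fwd=""
    while read -r proto ports host; do
        [ -n "$proto" ] || continue
        valid_entry "$proto" "$ports" "$host" ||
            { echo "rejected: $proto $ports $host" >&2; return 1; }
        nat="${nat}-A PREROUTING -i $WAN_IF -p $proto --dport $ports -j DNAT --to-destination $host
"
        fwd="${fwd}-A FORWARD -i $WAN_IF -o $LAN_IF -d $host -p $proto --dport $ports -m conntrack --ctstate NEW -j ACCEPT
"
    done
    printf '*nat\n:PREROUTING ACCEPT [0:0]\n:POSTROUTING ACCEPT [0:0]\n%s' "$nat"
    printf '%s\n' "-A POSTROUTING -o $WAN_IF -j MASQUERADE" COMMIT
    # Default-drop forwarding: only the mapped ports are reachable from outside.
    printf '*filter\n:FORWARD DROP [0:0]\n'
    printf '%s\n' "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
        "-A FORWARD -i $LAN_IF -o $WAN_IF -j ACCEPT"
    printf '%sCOMMIT\n' "$fwd"
}

sample_map | gen_rules
```

Pipe the output through `iptables-restore --test` to check it before loading; loading it replaces the existing nat and filter tables unless `--noflush` is given.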