Suggestion on Router/Firewall solution

Suggestion on Router/Firewall solution

Post by Leslie Jens » Wed, 20 Jun 2001 16:37:38



Hi
I'm the administrator of a network with approxcimately 100 workstations and
8 servers (NT4/W2k). Today we use an ISDN line to connect to the Internet.
Mail and DNS services are provided by our ISP and that gives us some
trouble now and then.

As of next month we will have a direct connection and therefore I would
like to build a nice firewall/router solution based on Linux. I want to
isolate our present network so that it is not seen from the "outside". I
would like to take care of our mail and DNS services. Webaccess should be
possible from some our workstations.

When it comes to mail I want a mailserver that is our official
"mail.company.com" and this server shall forward all our mail to an
Exchange server behind the firewall. Of course no relaying should be
allowed by others.

I'm aware that it involves some new hardware, but it is no problem, we want
to build  this the right way the first time.

I have had some experience with RedHat but any distribution will do.

Can you suggest a solution? Or point me in the right direction?

Thanks

Leslie Jensen
IT - manager
Extraco AB
Sweden

 
 
 

Suggestion on Router/Firewall solution

Post by Dean Thompso » Fri, 22 Jun 2001 12:35:37


Hi Leslie,

Quote:> I'm the administrator of a network with approxcimately 100 workstations and
> 8 servers (NT4/W2k). Today we use an ISDN line to connect to the Internet.
> Mail and DNS services are provided by our ISP and that gives us some
> trouble now and then.

> As of next month we will have a direct connection and therefore I would
> like to build a nice firewall/router solution based on Linux. I want to
> isolate our present network so that it is not seen from the "outside". I
> would like to take care of our mail and DNS services. Webaccess should be
> possible from some our workstations.

> When it comes to mail I want a mailserver that is our official
> "mail.company.com" and this server shall forward all our mail to an
> Exchange server behind the firewall. Of course no relaying should be
> allowed by others.

> I'm aware that it involves some new hardware, but it is no problem, we want
> to build  this the right way the first time.

> I have had some experience with RedHat but any distribution will do.

> Can you suggest a solution? Or point me in the right direction?

If you are just looking for a simple firewall solution then you could go with
Freesco or Coyote-Linux.  If you are looking to implement all of this on a
number of servers with the firewall running on one of the machines with a
number of other servers then you might want to consider Redhat or Mandrake
(these are the distributions I work with when doing such projects) but any
distribution should do the trick.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

1. SnapGear firewall, ADSL router and backup ISDN router

Hi to everyone,

I have the following configuration:

LAN ----> SnapGear Firewall ----> ADSL Router ----> Internet

I would like to re-use an ISDN router to setup a failover connection to the
Internet, like this:

LAN ----> SnapGear Firewall ----> ADSL Router ----> Internet
                                               ----> ISDN Router  ---->

I belive I've the following options:
1. static routes with different metrics and dead gateway detection: this
only  work if the firewall - ADSL router connection goes down, does not work
if the ADSL router - Internet connection (the one I'm concerned about) fail.
2. dynamic routing protocols, (ie gated or zebra) which should work but are
not installed on SnapGear...

It seems to me it can't be done with this hardware...
Maybe someone has a brighter idea ??? :-)

Kind regards,
    Corrado

2. Announce: Affordable Software Floating License Manager

3. Problem DSL Router <-> Firewall Router <-> Clients

4. viewing/editing .ico (windows icons) files

5. firewall/router - subnet/router - subnet

6. Celeron cachable area

7. Cisco Router/OpenBSD router firewall setup

8. Where is lemacs

9. Do I need a software firewall in addition to a NAT router/firewall?

10. Suggestion needed on Network Backup Solution

11. Looking for HTTP->HTTP gatway solution suggestions.

12. Suggestions for cheap but decent CD-ROM solution?

13. Suggestion needed on Network Backup Solution