I have studied your suggestion and then summaries as below:
ipchains: used to package filtering (Firewall function),
ipmasqadm: used to control the masquerading, ((NAT function),
squid: used to control the transparent proxying, (web cache proxy function),
ipportfw: used to port forwarding. The internet can directly use the
internal network service. (Mail Relay function, it can allow our Exchange
Server to send /receive mail as normal.)
Have it no any impact on our PPTP connection?
It is my understanding. If it have any incorrect, please point out it.
>I'm still fairly new to Linux networking, but have quite a bit of
>with NT, Exchange (4.0 - 5.5), and MS Proxy (1&2). A few things I can say
>with the knowledge to back it up:
>- MS Exchange is a great mail server for Win clients on a network, but the
>extra functionality and features in Exchange 5.5 make the cost of the
>upgrade more than worthwhile in a corporate network. For example, Exchange
>4.0 does not even include an internet mail connector!
>- MS Proxy should not be considered secure in any way. Either version.
>- The proxy service is too tied to IIS in NT. Any change made to the www
>server config affects the proxy config and vice versa. Same applies when
>proxy service crashes - it takes the www server with it. This WILL happen
>if you're logging in proxy or www and using access control. And it'll be
>the long weekend you go camping without a cell phone or pager.......
>me on this one)
>I've been experimenting with Linux firewalling using ipchains and
>It's taken a bit of time to get used to, but overall I'm impressed with the
>stability, speed, and security of this setup. I'm hoping to implement a
>Linux firewall box in the near future, but still have a few things to work
>Banff, Alberta, Canada
>> Dear Sir,
>> I am now proposing to setup Proxy server for our company. The objective
>> 1) Acting as Firewall,
>> 2) Mail Relay Agent,
>> 3) Enabling virtual IP addressing scheme,
>> 4) Web caching.
>> 5) No impact on our PPTP / RAS connection.
>> We are sitting in one microsoft networking environment and mail server is
>> Exchange v4.0. We now have two options to setup the Proxy server. One is
>> Proxy 2.0 and another is Linux TIS Firewall. I think that most people
>> experiences on this two products and really hope that you could give any
>> opinions on this issue.