quad gateway software firewall

bitslice · 27 Apr 2007 at 15:33

Hi all,

Your thoughts please:

I've got 4 PC's, a leased internet line, and a multiple public IP block

Each PC is running a test application that requires it's own public IP address

I want remote access to each PC

The PC's can share the same LAN if required, but they don't need to talk to each other,
all comms goes out to their allocated public IP

I'm currently doing this with a local hub plugged into the routers WAN hub,
individual host based firewall software and VNC

I could use 4 individual hardware firewalls, but it seems silly.

Multiple gateway hardware firewalls are too pricey,
so I think I'm after a quad gateway software firewall,
smoothwall do one, but it's not free.

.

m_cozzy · 27 Apr 2007 at 19:40

'dont need to talk to each other' or MUST NOT talk to each other? Surely you just need a decent router/firewall with the public servers in the dmz ?

oddjob62 · 27 Apr 2007 at 20:06

Why do you need multiple gateways? You've only got got a single internet connection it seems.

bigredshark · 27 Apr 2007 at 21:51

any old hardware firewall will do this, it's nothing unusual.

or you could use something like a netscreen 5 in transparent mode

whole host of ways, you're making it needlessly complex

wasc · 28 Apr 2007 at 22:03

Sounds like just a standard Thomson Speedtouch router will do, like the 546.

Just choose the no-nat setup and give each machine one of your public broadband ip's.

derfderfley · 29 Apr 2007 at 13:02

bitslice said:
Hi all,

Your thoughts please:

I've got 4 PC's, a leased internet line, and a multiple public IP block

Each PC is running a test application that requires it's own public IP address

I want remote access to each PC

The PC's can share the same LAN if required, but they don't need to talk to each other,
all comms goes out to their allocated public IP

I'm currently doing this with a local hub plugged into the routers WAN hub,
individual host based firewall software and VNC

I could use 4 individual hardware firewalls, but it seems silly.

Multiple gateway hardware firewalls are too pricey,
so I think I'm after a quad gateway software firewall,
smoothwall do one, but it's not free.

.

I'd have a look at monowall as that apears to do what your looking for. Failing that a Cisco PIX 501-10 runs around £250 and will do what you want, but if you don't have any cisco experience configuration will be tricky.

bitslice · 30 Apr 2007 at 12:55

"firewall with the public servers in the dmz ?"

- would they then all have the same WAN address ? (I think)
_________

"do not or MUST NOT talk to each other?"

inter PC security isn't an issue,
nice to have, but I didn't want that to limit a solution
________

"any old hardware firewall will do this"

I've got a couple of sonicwalls going spare, I guess if I configure one as a LAN-LAN firewall (I think they call it 'standard') then that would work.
Although I've never had much success with getting sonicwalls to do anything they are supposed to do reliably.

_________

The m0n0 firewall seems to do it.
http://doc.m0n0.ch/handbook-single/#FAQ.IpAlias
I haven't got my head around it yet. I'm always thinking in NAT mode.

Thanks people,
I'll go try some of these out.