[TriLUG] Cable modem + firewall + router
rkelleyrtp at gmail.com
Tue Nov 17 08:47:23 EST 2009
If you go this route (use another machine as your firewall), I highly recommend pfSense as a firewall package. Easy to learn/use, rock solid, and has a ton of features. I run it in a datacenter and have not had any problems.
On Nov 17, 2009, at 8:41 AM, Lee Fickenscher wrote:
> How can NAT can be too slow for an app running over a cable connection. NAT
> isn't going to be any slower than your firewall.
> Regardless the easiest thing to do would be to utilize or add a second NIC
> to one of your linux boxes, make that your firewall, connect a the second
> NIC to a switch and connect all the other servers to the switch.
> On Mon, Nov 16, 2009 at 9:52 PM, Paul G. Szabady <Paul at thyservice.com>wrote:
>> I just upgraded my TWC service to a business class with 5 static IPs.
>> Unfortunately, all I got from TWC was a U10C020 AMBIT cable modem/router
>> configured in bridge mode. They won't provide access to configure it, and
>> even if they did, I'm not sure it'll do what I want. What I would like to
>> have seems pretty simple and straight forward to me, but maybe I have a
>> screw loose. In essence, I want to have a gateway router (their modem?),
>> a firewall that'll route to the static IPs, and of course, 5 ports for my
>> Does anyone have any recommendations? I have iptables configured for now
>> on my linux machines, but the windoze boxen are at risk... I know,
>> there's a windows firewall as well. But I really need the protection to
>> be before the servers, not on them. (Long story, but it has to do with
>> vmware and NAT being too slow for this app.)
>> Thanks in advance!
>> @ Thy Service
>> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
More information about the TriLUG