quote:
Originally posted by Ravuya:
Geez man, and I went off to Future Shop to buy a Linksys router. What am I missing?
A Linksys router (or one like it) would be the preferred method for most home users, but I have a much more complex network than most home users. I actually have two firewalls; the external one is a hardware firewall much like a Linksys router but with a lot more capability, like IPSEC VPN, logging, etc. I do have VPNs set up into other networks using this box.
In addition to that, I have an internal firewall that happens to be a P100 running Linux and does a lot more stuff, like another layer of security to the other VPN networks; it also serves as a proxy server, among other things. A Linksys firewall will only do a fraction of the things I am doing with this box. Between those two firewalls I have the voidmain web machine, which is an oddball way to do semi-DMZ. Behind both firewalls are my home machines.
Of course, I could have just used a NetScreen 10, which does have a dedicated DMZ port, but that is a lot more expensive than a NetScreen 5, which is only around $500. Of course, I was doing all of the above with just a single Linux box using FreeS/WAN for IPSEC VPN (the one that fried the power supply) prior to putting in the NetScreen. Getting FreeS/WAN to talk to other NetScreen devices was a real pain in the ass, and the NetScreen 5 was given to me, so I used it, and I like the extra layers of security.