[BlueOnyx:04822] Re: Firewall for Datacenter
Gerald Waugh
gwaugh at frontstreetnetworks.com
Mon Jun 28 14:54:10 -05 2010
On Mon, 2010-06-28 at 14:34 -0500, Chris Gebhardt - VIRTBIZ Internet
wrote:
> Jon McCauley wrote:
> > Chris Gebhardt - VIRTBIZ Internet wrote:
> >> Gerald Waugh wrote:
> >>
> >>> Please excuse the crosspost
> >>>
> >>> We have a number of servers on a Class C network in a data center and
> >>> would like to install a Linux firewall.
> >>>
> >>> I have looked at using bridged firewall, as we do not need/want NAT.
> >>> So far mixed results and can't seem to find one that includes a GUI.
>
> > Also to note Smoothwall http://www.smoothwall.org/
>
> Hmmm, I did not know that Smoothwall would do bridged. I guess you
> could make that work, though I don't think it's intended for that use.
> But slip the /24 across a /30 and sure. Interesting thought.
Yes, that is the work I received from smoothwall
> The only thing I don't like about Smoothwall is that it's management
> options from OUTSIDE the LAN (ie: from the RED interface) are
> comparatively weak.
>
> If you were to want to go that route, however, You might consider
> m0n0wall while you're at it: http://m0n0.ch/wall/
I think that runs on netbsd and has been replaced by pfsense???
>
> I should note that we have many, many customers who lease space in our
> datacenter. We see a lot of different configurations, and of course we
> receive the reboot and remote-hands tickets when something goes wrong.
> The ones we typically do not hear from are running a PIX or ASA. That
> could be for all sorts of reasons, of course, but the commonality is
> worth mentioning.
good article on transparent firewalls here, and is what we are looking
to do.
http://cisco.biz/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml
Gerald
More information about the Blueonyx
mailing list