Re: Firewall

Jake Messinger (jake@ams.com)
Tue, 29 Apr 1997 14:34:00 -0500 (CDT)

On Tue, 29 Apr 1997 alex@itis.net wrote:

> I am starting up another ISP and I would like to know what firewall should

That's all we need, ANOTHER ISP! ;-)

> I use. Is the filtering on the Cisco good enough? I would like to separate
> my internal network from the Internet yet still have access to the Internet
> from those machines. Should I set up a Linux box with a couple of network
> cards as my Firewall, or should I buy a dedicated piece of equipment for
> that? I don't like the holes that Linux tends to have. What does anyone
> suggest???

I use Linux cuz I am familiar with it. It's cheap. You can get a 386-40
with 4 megs RAM to be a firewall for you. Just compile ONLY support for
the 2 netcards and IP firewalling, and NOTHING ELSE, then turn off all
external services, except maybe run a telnet on an uncommon port so you can
remotely administer it.

> Also, what equipment should I put before the firewall and which should I put
> behind it? Should I put the PM3 before or after the firewall? How about
> the NT server for Web hosting, Unix sendmail server and DNS?????

IF you want to get to the PM 3 from the outside world, you'd need to put it
BEFORE the firewall. If you don't want to allow outside access like that,
put it behind. Or put it behind but allow services from specific
locations. I guess behind is fine and probably preferred.

And are you trying to firewall your local net from the users on the PM? If
not, then I don't see a reason for a firewall other than IN your upstream
router.

If so, then you'd need to separate the PM from your local net via
subnetting, then you could set up filters in the PM 3 to prevent
specific traffic from or to your local net.

~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
Jake Messinger 713-772-6690 jake@ams.com
Advanced Medical Systems, Inc. jake@uh.edu
Houston, Texas http://www.ams.com/~jake
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~

One should not be measured by his/her ascii art ability.
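As an added illustration of the last point in the reply (not code from the post or its author), a small Python model of the subnet-then-filter idea: the dial-up pool and the office LAN sit on separate prefixes, a first-match rule list with default deny keeps pool traffic off the LAN, and a check flags rules that an earlier, broader rule shadows. The subnets are constructed documentation ranges, not anyone's real addressing.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Constructed address plan (not from the post). The PM3 dial-up pool and the
# office LAN each get their own subnet so a filter can tell them apart by prefix.
DIALUP_POOL = ipaddress.ip_network("192.0.2.0/24")     # constructed, TEST-NET-1
OFFICE_LAN = ipaddress.ip_network("198.51.100.0/24")   # constructed, TEST-NET-2
ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int] = None   # None matches any destination port


# Intended policy, first match wins, default deny: dial-up users may reach the
# outside world but not the office LAN; the office LAN may go anywhere.
RULES = [
    Rule("deny", DIALUP_POOL, OFFICE_LAN),
    Rule("allow", DIALUP_POOL, ANY),
    Rule("allow", OFFICE_LAN, ANY),
]

# The same rules with the deny placed after the broader allow: the deny never fires.
BAD_ORDER = [RULES[1], RULES[0], RULES[2]]


def decide(rules: List[Rule], src: str, dst: str, dport: int) -> str:
    """Return the action of the first rule matching the packet, or default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst and r.dport in (None, dport):
            return r.action
    return "deny"


def shadowed(rules: List[Rule]) -> List[int]:
    """Indices of rules that can never match because an earlier rule covers them."""
    out = []
    for i, r in enumerate(rules):
        for e in rules[:i]:
            if (r.src.subnet_of(e.src) and r.dst.subnet_of(e.dst)
                    and e.dport in (None, r.dport)):
                out.append(i)
                break
    return out
```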