have a separate mac network that was using a linux box to route internet traffic to a proxy on our network.
linux box has died
we havent got time or know how any more to build a new linux box, I figure a router will do the same thing, route internet block apple talk.
can anyone suggest a suitable router?
To be precise, a 2600 will do the job.
layer3 switch ?
cool. checking....hmmOriginally Posted by Geoff
how easy are they to set up? as hard as linux stuff?
there seems to be like 30 different models which dont all seem to have firewalls...
If you find the linux stuff hard (assuming you mean the webbrowser based ones) you wont be able to use the cisco box. In order to use linux you just need to know what ports and IPs are, while with the cisco you need to know wildcard masks and be able to (atleast) setup the box in the first place using the associated commands.
Firewall rules on cisco kit aint straight forward. Methodical planning is a must, and as all ports are blocked by default each new port needs to be added one line at a time, or by use of a TFTP server.
And i could be wrong, but i ave a sneaky suspition appletalk is an "add-on" for the cheaper cisco kit. Could be wrong mind.
1 x 2600XM £1100
1 x IOS if you want more than the base features, another £1k
1 x Maint on IOS (no upgrades otherwise) another £1k
IOS licenses are also non transferable (boo! hiss!)
I have a 2610 at home, for the ios cisco wanted £800 and another £800 to update it! Seeing as I got the router on ebay for much less than that :/
You could use a smoothwall box to do it?
i cant see my boss going for that at all. too expensive.Originally Posted by DMcCoy
we dont want to route appletalk, just internet access to an open proxy we have on the windows network.
if its going to be as 'hard' as linux might as well use that. I can install debian, ok although im not sure about having 2 network cards. I have trouble making things with a million options in a config file like (squid) work. my methods of randomly changing stuff until it works tends not work too well on those kinds of software
But i think Id rather not make a mess of something costing a grand. :-S
can we do this sort of thing with smoothwall?
Well, the thought I had was simply that you could set a smoothwall box up as a transparent proxy, with one card on the mac side and one card on the other side.
@j17sparky's comment RE: ACLs.
Yes, the ACLs are hard to setup unless you know the right syntax, the difference between standard and extended ACLs and have a clear understanding of how data flow works...you'd be suprised at the number of people get that wrong.
I can't use my Cisco 2600s for my internet cause they're not the fast ethernet ones...they're standard 10mbps and my internet is 20mbps
NAT statements on cisco routers is a lot of fun aswell.
I'd just use a m0n0wall box. M0n0wall, pfsense or smoothwall...take your pick, they're all great. I prefer M0n0wall and pfsense because they're FreeBSD based.
If you are looking for an open source router, firewall, VPN solution...you should try Vyatta - http://www.vyatta.com
disclaimer - I work for Vyatta
feel free to send me any questions you have or if you need help getting it set up join our user community
hope this helps
Originally Posted by browolf
Am i right in thinking your (lodgical) network is something like this;
[Internet] ----- [Main router] ------[Proxy] ------> Clients
.................................................. ...............-------[Router] ------> Apple clients
The red router being the ex-linux box, connected to the proxy (not nesseserily directly).
If so id look at these 2 "fully working out the box" free products. Smoothwall
Smoothwall is the dogs in terms of features. But i guess endian is more than adiquate for your needs, and its arguably abit easier to set up.
All you'll need to do for the above is burn the ISO.
Choose an old PC with 2 NICs
Install via the easy to use installer, setting up static IPs on the "Red"/WAN and "Green"/LAN nics
Log onto the web browser based interface and enter your main proxy in the "upstream proxy" box.
:laughing3:Originally Posted by FN-Greatermanchester
Sorry, just had to laugh....
The Vyatta looks good & fun - will have to look into that a bit more...
what about a cheap broadband router, would that work?
There are currently 1 users browsing this thread. (0 members and 1 guests)