Can anyone help me sort out a box for local NATting please?
I've been looking at various firewall devices from Zyxel, Watchguard, Sonicwall and GTA, but really i've no idea of thier NATting capabilities.
I don't want to go the Cisco route as training costs are out of our range.
I have 300 client machines [not likely to change/expand in the forseeable future]
Our VPN requirements are low - 2/3 users
We don't need firewalling - comprehensive county WAN protection
Additional filtering [again, part of the WAN package] would be a bonus, but not necessary
I have no idea how to even start doing that Geoff. Any pointers/ links...?
@mark: Check out distros such as Smoothewall and Censornet.
I've installed smoothwall in the past. Where would I find reqiurements to take the load?
I'm not confident about the linux approach - i'd much rather have the hardware - i've already had the go ahead to spend the money too. I found it impossible to get support using smoothwall - so gave up on it ib the past.
You could buy an ISA box - relatively cheap!
Problem is I'd want three network ports in the box as a minimum - one for each IP range and one to the router. The problem with my current setup is that the router has a single port which is not routing the two ranges effectively, which I urgently need to fix.
IIRC Karoshi can be used to help you configure this sort of thing ... but you can use multiple NICs or bind multiple addresses to a single NIC. I wouldn't bind all three to a single NIC, but if you use two NICs and have one for external and one for internal it would suit your needs.
We use Watchguard kit as a firewall, but that is because we manage our own connection but still have a seperate filter service even though the firebox has some.
For a Linux solution I'd recommend IPCOP.
We bought a small NAT box so that we could extend our allotted IP addresses given us from .ICT/EMBC for our admin systems. The box recommended to us was a NetGear (can't think right now what model)- really easy to set up and works a treat. Cheap and cheerful, but good nevertheless.
If you want the model number or anything let me know and I'll dig it out and provide links etc.
Thanks Kingswood. How many clients have you going through that NAT box? - I'd like to know what the rating on that is for simultaneous connections it can handle.
@mark: There's nothing stopping you having 3 NICs in an ISA box.
Incidentally, why can't you just use the same IP address range for your Admin and Curriculum networks?
If you intend to use NAT anyway, you will end up using a single IP address viable to the outside anyway.
I have more than 254 devices attached is why. We already have a single IP viewable to the outside world, as the County WAN is made up of private IP ranges. My router is on an LES2 fibre 1/2 mile across town, connected with the one port hence the reason the two ranges don't talk properly.Originally Posted by Ric
So its basically a routing problem?
This is what i'm told - and that I need a local router with a port for each IP range.
There are currently 1 users browsing this thread. (0 members and 1 guests)