[clug] Router / firewall recommendations?

Rasjid Wilcox rasjidw at openminddev.net
Thu Dec 4 11:06:43 GMT 2003 

On Thursday 04 December 2003 18:47, Brad Hards wrote:
> I like e-smith (Mitel's SME server) but I don't think it has long term
> viability, and that worries me for security updates etc. It also doesn't
> really provide a firewall / DMZ type concept very well either.

I know that you were quite active with SME at one point Brad, but if you have 
not been following the list recently, there has been a big change.  Mitel 
have passed control and development of the GPL version to the open-source 
community, which I personally think greatly lifts its ongoing viability and 
potential.  The GPL version will now be hosted at contribs.org, and will have 
no official connection with Mitel.  Bit like the spilt between Redhat and 
Fedora, only bigger (or at least that is how I'm reading it).

That being said, for a firewall, I can highly recommend Astaro.  Its main 
downside is that it is a commercial product, but it is free for personal use.  
(For personal use you can only have 10 machines behind it before it will 
complain.  If you help out on the forums etc, you can earn the right for 
more.)

> I installed Mandrake's Multinetwork firewall, which has promising IPSEC
> support, but either the configuration setup sucks, or I'm doing it wrong.
> Documentation is light to non-existent.

Astaro has an extremely good IPSec interface, and also a very good firewall 
rule creation interface.

> I guess I'm looking for a firewall that does:
> ADSL PPPoE,
> dynamic DNS client support
> port forwarding
> and supports multiple interior networks (DMZ, wireless, secure)

Not sure about dynamic DNS client support, but that be easy enough to add.  It 
certainly supports multipile interior networks, and even has QoS controls.  
Not sure about wireless support.

Alternately, there is also Gibraltar, which looks like it has finally finished 
it's GUI interface.  I have not looked at Gibraltar for a while, and I can't 
quite tell from the website whether the GUI interfaces comes with the free 
version or not.

There is also IPCop and Smoothwall of course.  I have not looked at either in 
ages.

Cheers,

Rasjid.

-- 
Rasjid Wilcox
Canberra, Australia (UTC +10 hrs)
http://www.openminddev.net

More information about the linux mailing list