[mdlug] Replacing D-Link router with Smoothwall box

Ron Blanchett muteid10t at gmail.com
Wed Oct 1 21:55:22 EDT 2008 

I used smoothwall for a number of years and found it lacking in several areas.
I have since switch to pfSense and have not thought about looking back.

I would suggest looking for a firewall that is not the free version of
a pay product, Smoothwall and Astaro are two such that I can think of.


Go with IPCop, monowall, pfsense or some other such actually free firewall.

-Ron

Note: monowall & pfsense are based off of freebsd, pf uses the
firewall (pf) from openbsd.

On Wed, Oct 1, 2008 at 3:39 PM, Michael ORourke <mrorourke at earthlink.net> wrote:
> Lug Nuts,
>
> I have a small network with a Linux (OpenSuSE 11) server installed.  I am
> considering replacing the D-Link router with a Smoothwall box (Linux
> router/firewall).  But after reading up on the Smoothwall docs, I'm not sure
> of the best way to proceed.  The Linux server is running Samba, Apache, and
> soon to be running a mail server.  According to the Smoothwall docs, it
> looks like you would normally put the server in the DMZ (orange network)
> because it provides external facing services (i.e. web).  But that will
> cause problems with the Samba services as it will be on a different subnet
> than the green network (internal clients) and it will require extra ports be
> opened between the green and orange networks.  Some Google searches have
> suggested that you NOT put Samba on the orange network.
> Here are a couple of possible solutions.  For one, I'm not going to build a
> second server with just Apache and Postfix on the orange network (DMZ), that
> just seems like a waste of resources.  But I could go with a red-green
> configuration and port forward web & email traffic to the green network
> (internal), just like the D-Link does now.  Or maybe setup a second nic
> (eth1) in the server on the green network (internal) and bind samba to that
> interface and still have eth0 on the orange network (DMZ) protected by the
> smoothwall box.  Any other suggestions out there?
>
> Thanks,
> Mike
>
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
>



-- 

Groucho Marx  - "I have a mind to join a club and beat you over the
head with it."

More information about the mdlug mailing list