[SATLUG] Distro for Firewall / Gateway Server

Henry Pugsley henry.pugsley at gmail.com
Mon Nov 17 21:43:32 CST 2008


If you have another system on your network that is always running then
you could netboot the firewall from it instead of using a CDRW. For a
higher level of security use a USB drive with a physical write protect
to boot.

You can also pick up an ASA5505 for under $500 ($350 with a good
discount), which would free up your PCs for other stuff. You get a
5-10 user vpn license with it too, so you can VPN to your home network
easily.

-Henry



On 11/17/08, Alan Lesmerises <alesmerises at satx.rr.com> wrote:
> I understand why you wouldn't want to run anything else on the
> firewall/gateway -- but I'm thinking that means running 2 separate
> systems that would be used at only a fraction of their full potential,
> not to mention the power needed, configuring & maintaining both systems,
> etc.
>
> I'm also not that keen on having to learn another OS -- I don't know
> anything about any flavor of BSD.  I have my hands full trying to learn
> & maintaining several Linux and Windows systems as it is.
>
> But you did give me an idea -- maybe I could run the system as a live CD
> burned with the configuration settings I would need, possibly on a CD-RW
> so I can change things as time goes on.  It's still a question of which
> build (if any) would be better to go with.
>
> Al Lesmerises
>
>
> Brad Knowles wrote:
>> Alan Lesmerises wrote:
>>> If I wanted to setup a server to act as a dedicated firewall /
>>> gateway server, and to possibly run some home automation type stuff
>>> (think X-10 appliances or similar), would there be any particular
>>> distro that would be better suited for that?  In other words, do any
>>> distros come already pre-packaged with the kinds apps that would
>>> support that sort of thing right out of the box?
>> For one thing, if I'm running a firewall/gateway on a box, I don't
>> want anything else running on that box.  I'll run my home automation
>> type stuff on a separate box inside the firewall.
>>
>> On that firewall/gateway box, I'd probably run something like pfSense
>> or m0n0wall, but then those are based on FreeBSD or OpenBSD, and not
>> Linux. And I'd probably make the firewall/gateway box a Soekris
>> net4501 or similar type of single-board-computer, that is not
>> dependent on rotating media and stores it's OS and configuration files
>> on read-only flash.
> --
> _______________________________________________
> SATLUG mailing list
> SATLUG at satlug.org
> http://alamo.satlug.org/mailman/listinfo/satlug to unsubscribe
> Powered by Rackspace (www.rackspace.com)
>

-- 
Sent from Gmail for mobile | mobile.google.com

"The best way to predict the future is to invent it" - Alan Kay


More information about the SATLUG mailing list