Help with locking down network
Hi Everyone,
I have just got adsl and I have set up my internal network like so. ADSL/ROUTER 192.168.1.1 | SWITCH | PC1 - PC2 - PC3 192.168.1.2 to 5 The router has a internal firewall but I want something more secure. I was thinking using a old box and setting up a smoothwall firewall. Does anyone have any other ideas on what would be a good secure option I am fine with a linux or windows option. And what ip addressing scheme should I implement. Is it possible and a wise option to have the adsl modem router with a ip like 192.168.1.1 and then have my internal network like 10.0.0.1 will this be a added layer of security? And sorry last question my router ip was 192.168.1.254 with a dhcp server diving a range of 192.168.1.100 - 200. I tried to change this to a range of 192.168.1.100 to 192.168.1.110 but I kept rejecting any reason for this? Thanks |
smoothwall is fine, although i'd recommend ipcop as a better variant.
use whatever private scheme you want, it's totally irrelevant totally possible to do two networks, but generally pointless. if you wish to place s firewall router between the adsl router and the switch then feel free to do so, it's totally feasible but personally i'd wonder if you'd really benefit that much really... |
Thanks its just that ill be hosting a web page and mail server/dns. So is this possible
adsl/router 192.168.0.1 | SWITCH | IPCOP - 2 nics - 192.168.0.2 \ 10.0.0.1 | PC1 - PC2 - PC3 - And wireless if ever Does that look about right? Thanks |
well no, the switch would be on the other side of the firewall, but essntially it's ok. you do have a complication in that you will be either be masquarading twice between your server and the net or copnfiguring routing on ipcop, and actually i'm not sure that that is even possible. so you either make your router port forward 80 to your firewall and then that port forwards to the server, or you port forward to the server directly from the router, and tell it to route 10.0.0.0/24 via the firewall.
|
Thanks Mate, Later down the track I intend to have a another room with suse on it. Is there a better or easier way to get a very secure internal network?
Thanks |
All times are GMT -5. The time now is 02:27 AM. |