LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Debian Gateway Help (https://www.linuxquestions.org/questions/linux-networking-3/debian-gateway-help-593679/)

blake11 10-22-2007 10:17 AM
Debian Gateway Help
 
I have a LAN which I am very happy with at the moment. I am using a Linksys WAG5GX2 ADSL modem/wi-fi router with 3 wired and 2 wireless computers behind it.

1 of the wired machines is my Debian box (with 1 NIC) which acts as a web server, mail server, DNS server and file server (and probably a few more servers which I've forgotten!)

But, I am told it would be better if I had another machine, running Shorewall or similar on it, as a gateway between the internet and my LAN - but I am unsure how to do this.

I have a seperate USB ADSL modem (a BT Voyager 150) which I used when I only had one PC. I want this to connect to the gateway, and then the gateway connects to my Linksys router which (I think) would share the Internet connection.

How would I go about doing this?

Thanks very much!

farslayer 10-22-2007 11:44 AM
Actually if I had a machine providing Internet accessible services I would want to put it in a DMZ interface separate from the rest of my internal network.

Code:
Internet
    |
    |
(public / Internet)
    |
    |
  <eth0>
Shorewall firewall<eth1>-------(DMZ)-------Web Server
  <eth2>
    |
    |
(private / Internal LAN)
    |
    |
Rest of the PC's on your LAN
the DMZ feature on your broadband router is a misnomer. if the DMZ area is the same area as the internal LAN there is no separation, so therefore no true DMZ..

A firewall with 3 Interfaces (public / DMZ / Private ) can provide that true separation, to achieve the security level you should have.

blake11 10-23-2007 12:11 PM
thanks farslayer, that is now going to be my weekend project!

However, I am unsure which router to buy. It needs to be wireless, but also needs to have about 6 ethernet connections availible as well. I've been looking on ebuyer.co.uk, but I cannot find one. What should I get?

farslayer 10-23-2007 01:32 PM
thought you were going to build a firewall using a PC with multiple interfaces, and something like Shorewall...


For purchase, at a reasonable cost, with wireless and separate DMZ interface.. hrm..
http://www.provantage.com/zyxel-zywall2wg~7ZYXF005.htm
Quote:
The ZyWALL 2WG offers the Secure Zone technology that SOHO users can simply deploy access servers in a DMZ zone separated from the trusted local network (LAN). The DMZ zone and WLAN zone have their own DHCP service, and all zones are securely segregated by firewall rules.

blake11 10-24-2007 01:21 AM
Quote:
Originally Posted by farslayer (Post 2933973)
thought you were going to build a firewall using a PC with multiple interfaces, and something like Shorewall...


For purchase, at a reasonable cost, with wireless and separate DMZ interface.. hrm..
http://www.provantage.com/zyxel-zywall2wg~7ZYXF005.htm
I am, but this router is to is for the LAN after the firewall as I want to upgrade my current one!

Thanks for the suggestion anyway.

farslayer 10-24-2007 07:23 PM
Oh well if you don't need the DMZ on the router, then you can go with a less expensive solution than that Zywall..

Netgear, or Linksys would be a decent choice.


All times are GMT -5. The time now is 02:56 PM.