I am a relative newbie, I built a P4 server last year with RH 9.0 and Apache, it lives in my Windows LAN and does fine - Samba, FTP, HTTP. Now we are "ready for prime time", but I need a perimeter solution. This is my laundry list of what I need:
1.) 2 WANs hot fail-over, preferably bandwidth optimization.
2.) A DMZ for the web server mentioned above (needs to connect to windows box inside LAN for MySQL)
3.) IPTABLES firewall
4.) Must be able to run on a Dual PPro 200MHz Compaq Proliant 2500
5.) To be obvious from the above it must use 4 nics
6.) DNS?
7.) One Wan is static, the second DHCP from ASDL modem.
8.) VPN end-point or pass-through to LAN with W2K3 SMB Server as end-point.

I thought that this was solved last year when buying a HotBrick but the VPN doesn't seem to agree with MS, so I turned to Linux. I have read the ADV Routing How-to, along with many others, but still run into walls.

I have tried RH 9 (installs fine from CD, after learning to pass mem parameters to the kernel), but cannot get the fourth nic installed, with 3 I cannot reach the DNS of my ISP. Also, no more support (updates) for RH 9.

Mandrake 9.2 and SUSE SLES 9 wouldn't install from CD. I got SLES 9 to start the install from Boot floppies but then it couldn't find the CD-ROM still. Switched to NFS using the web server above (which buy the way boots the CD fine so its not a media issue) and it hangs, says its retrieving data and then freezes for 30 minutes before I rebooted.

Debian had various problems not the least of which with graphics (as a newbie I cannot do it all from the #). Again getting 4 nics, 2 the same card and therefore the same driver. In latest release -WOODY- the kernel has multiple tables turned off by default after 3 tries and 2 days of processor time I gave up on compling a new 2.6 Kernel.

I've tried Sentry - the firewall distro, but again it wouldn't boot on the Proliant (it did on web server - not a media problem).

To sum up, I am at an impasse, I need guidance, which distro? can 4 nics really work? has anyone written a comprehensive (almost cook book) guide for this type of application? Any help is much appreciated!!

i know that you can get 4 nics to work, becuase i got 2 gigabits and 2 100mbps nics all to run on red hat fedora. that is the limit of my knowledge on the subject, i know nothing about linux, hope that answers at least a small part of the question.

Re Debian you do not need to compile a new kernel. If you want the 2.6 kernel then edit your /etc/apt/sources.list and change references to stable to testing. Then do apt-get update then do apt-cache search kernel-image-2.6 and then apt-get install kernel-image-2.6-version_of_your_choice. Having completed that, edit the sources.list back to what it was. I personally would go out and buy 4 identical realtek 8139too based cards and use those, they're cheap enough. Debian is really easy to setup all the cards as they are all controlled through /etc/network/interfaces. The only real problem I could enviisage is a hardware problem on irq's clashing but this should not be an issue on the type of motherboard mentioned.
An excellent install guide for the purpose mentioned is The Perfect setup -Debian

Thanks both for your input! I do have 5 identical d-link cards that have the 8139 chipset, I could swap those into the box, and I agree I think that with it being a compaq "server" I shouldn't have any confilcts. Would you suggest disabling the embedded nic in bios (can I do that?)?

As far as the kernel, 2.6 does that have multiple tables set to yes? That's the only reason why I chose to recompile, I tried to do something that was in the adv routing HOW-TO and came up with an error, which I was able to track down to a problem with the kernel config.

When you say tables I assume you mean ip-tables. Debian uses the root command modconf to install modules that are included in the kernel. Most are set as modules under the section /kernel/net/ipv4/netfilter. When you do modconf it will come up with a menu for all the modules in the kernel. (Many of them are also in the 2.4 kernel as well. ) Go down the list to the section I have mentioned and install the filters you require.
WRT on-board lan - depends largely on whether the chipset is supported. There should be an option in the bios to turn the lan off.
WRT setting up the networking you can setup the cards under /etc/network/interfaces with either static addressing or dhcp. If you use dhcp you must install and setup the dhcp daemon as it is not installed by default.
Since you are relatively new to Linux I would suggest looking at the MonMotha firewall script. There is a very good article on how to implement it in Debian. The MonMotha script is excellent in that it does firewalling, nat routing and ip-forwarding as a single script and brings it up on boot. I use it on my webserver and it has done me well. The structure is clean and you can get a good idea of what is going on by reading through the script.