Firewall Wizards mailing list archives
Re: Disecting the Cisco PIX
From: Art Mason <a.c.mason () sbcglobal net>
Date: 30 Jul 2002 15:11:03 -0500
Yeah, I've actually been eying the Soekris platforms for some time now. I especially like the ones that support PCMCIA devices (ex. Cisco Aironet 350 wireless NICs). I'm thinking WAN/LAN/DMZ NAT device w/ 802.11b VPN support on a compact flash storage medium. I've successfully deployed quite a few Linux and OpenBSD-based firewalls, w/ great success, and have found their performance to be quite comparable to many of the more expensive commercial offerings (I used to be the tech. coordinator for a school district, so cost was always a concern). I especially appreciate the mature bridging code in OpenBSD 3.1 when employed w/ PF directly behind the border router. The fact that it has no IP addresses assigned to either interface allows for drop-in PnP integration w/ most LAN/DMZ topologies. Only problem would be network management from remote hosts, unless you applied an IP to the internal interface and applied some rules allowing SSH connectivity from a few specific hosts. I've also got another question on ADSL inverse multiplexing (bonding 2 or more ADSL connections together for aggregating bandwidth) on the gateway/firewall/router, but I'll save that for another thread, so as to maintain mailing list etiquette and political correctness for my fellow list subscribers. Thanks for all the input I've received so far. On Tue, 2002-07-30 at 14:36, Kevin Steves wrote:
maybe http://www.soekris.com/ for a hardware platform. -- Kevin Steves | kevin () atomicgears com Atomic Gears LLC | http://www.atomicgears.com/
-- Art Mason Network Consultant Maverick Datacom Voice: (830) 773-8998 E-mail: a.c.mason () sbcglobal net _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Disecting the Cisco PIX Roger Marquis (Aug 01)
- <Possible follow-ups>
- Re: Disecting the Cisco PIX Paul Robertson (Aug 01)
- Re: Disecting the Cisco PIX Magosányi Árpád (Aug 01)
- Re: Disecting the Cisco PIX Paul Robertson (Aug 01)
- Re: Disecting the Cisco PIX Art Mason (Aug 01)