Re: DSL firewall/router solutions?
On Mon, 2003-07-14 at 22:07, [EMAIL PROTECTED] wrote: > Once you are "registered" and have a username and password, you never need > to use their software again. I recommend burning it. It's a great symbolic > gesture.[1] > You can still get around installing software. I just got DSL 2 weeks ago (4 day turnaround from signing up on web site to going live, not bad if you ask me). I have a SMC Barricade Wireless Hub/router/NAT. I called Verizon's 800 number (5 minute wait) and said 'I see you support Hubs/NAT, what do I use for my username/password? The guy walked me through it giving me a temporary username/password to get connected, then I went to their web interface and gave myself a real username/password and reset the SMC to use that, rebooted and everything worked! Oh, and make sure that you plug your DSL filters into the WALL and not into the telephones! It makes a big difference! > Footnote > > [1] Credit to Linus Torvalds. That's from the coding style readme regarding the GNU coding style! :-O -- Jeff Macdonald <[EMAIL PROTECTED]> Into birding? Check out http://www.migratus.com ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
> On Mon, 14 Jul 2003, "Jason" == Jason Stephenson wrote: Jason> As for the providers saying that they could give you DSL and Jason> then saying that they couldn't, I have no idea. I do know Jason> that one provider told me that they could give me DSL, but Jason> that it would be slow, and my current provider said that Jason> we could all the way to 1.5 Mbps and beyond. I'd say maybe Jason> somebody's database got a little messed up. Yeah. After speaking with Earthlink a little more yesterday, I uncovered that they seem to think DSL is available for me at 384/384, but they only sell at 768/384 or something. IOW, what's available in the CO is below what they resell. So they say. At this point, I may as well wait for Comcast to roll out cable modems. I've lived this long with dial-up, another month or two won't kill me :) THanks, -- Seeya, Paul -- Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
In a message dated: Mon, 14 Jul 2003 19:42:52 EDT [EMAIL PROTECTED] said: >On Mon, 14 Jul 2003, at 7:35pm, [EMAIL PROTECTED] wrote: >> If it weren't my brain-lapses requiring you to answer what most would >> consider rather obvious and self-evident questions, we'd have almost no >> traffic here. > > We could always go back to talking about NIS and NFS. ;-) Nahhh, that's no fun :) -- Seeya, Paul -- Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
>> Or, is it just easier to use iptables/netfilter on my system at home >> and make that the router/ firewall for my network? > > For someone with your experience level, Paul, I'd say to go with > IPTables. > It isn't hard, and you'll never run into something you can't do. A co-worker of mine is using ipcop as his firewall. It is a firewall/router distro with all sorts of features. 2.4 kernel support, good web based rule setup that works in lynx (can't say that about linksys), dmz support if you want. Check it out at http://www.ipcop.org Derek Doucette http://derek.homeunix.org ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
Kurth Bemis said: > Stay away from Linksys. We have about 50 8 port firewall/gateway poxed > deployed. They seem to "go dumb" and need a reboot once an a while, > even with the new firmware, also throughput isn't that good on them, > compared to the netgear routers that we have deployed... I second that. I have a sr-41 router/4 port switch which seems to need to be rebooted about once a day to maintain any throughput. I have still yet to find the problem, but I have at least stopped calling verizon weekly to place the blame on their line to my place. I have seen the netgear routers at work with some pretty good results. Derek Doucette http://derek.homeunix.org ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, at 9:36pm, [EMAIL PROTECTED] wrote: > If you go with Verizon, you may have to also use PPPOE (PPP over > ethernet). Verizon uses PPPoE on all their dynamic IP address DSL accounts. Their "registration" process involves running a software suite on a Windows-based PC. It installs all sorts of crap you don't want, and then forces you through a web-page sign-up script. The usual drill -- it could all be done in an OS-neutral, platform-independent manner, without installing anything, but that would be too easy. Once you are "registered" and have a username and password, you never need to use their software again. I recommend burning it. It's a great symbolic gesture.[1] For Verizon's "premium" "business-class" service with the static IP address, you just run plain old IP-over-Ethernet, the way God intended IP to work. :) Note that actually getting a static IP address can be difficult. Not because the technology is unavailable, but because most of their sales force can't even spell "DSL". Once installed, though, no registration is required. Simply plug-in, ARP, and go. Footnote [1] Credit to Linus Torvalds. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
Since no one mentioned it, I'll tell you what I use for my SDSL router/firewall: an old PC with 2 NICs and OpenBSD with ipf and ipnat. (I'm still running OpenBSD 2.7.) If you have an old machine to spare, i'd definitely recommend going this route rather than getting a "broadband" router. My reason for saying this is that I have little or no experience with such. From your other postings on this list, Paul, you seem to know pretty much what you're doing, so I'd recommend you use iptables and ipfilter. If you go with Verizon, you may have to also use PPPOE (PPP over ethernet). I'm not certain of this, because my wife uses Verizon DSL on her Mac downstairs and it has this keep-alive agent that it must run. Since it requires a password and all that jazz, i'm assuming that it's doing PPPOE. In my experience, GNU/Linux or one of the BSDs installed on an old machine (Pentium class or better) makes an excellent router. I've used a P100 and now a 300 MHz K6 machine and both could push packets from one NIC to the other faster than my DSL connection could handle them. As for the providers saying that they could give you DSL and then saying that they couldn't, I have no idea. I do know that one provider told me that they could give me DSL, but that it would be slow, and my current provider said that we could all the way to 1.5 Mbps and beyond. I'd say maybe somebody's database got a little messed up. Cheers, Jason ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, at 7:35pm, [EMAIL PROTECTED] wrote: > If it weren't my brain-lapses requiring you to answer what most would > consider rather obvious and self-evident questions, we'd have almost no > traffic here. We could always go back to talking about NIS and NFS. ;-) -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
In a message dated: Mon, 14 Jul 2003 17:50:00 EDT [EMAIL PROTECTED] said: > For someone with your experience level, Paul, I'd say to go with IPTables. >It isn't hard, and you'll never run into something you can't do. Everyone keeps saying this :) I donwanna. I wannna be a stupid user and be lazy :) > Just don't define any routes via gateways that don't exist. ;-) What's a gateway? ;) You know, you really take all the fun outta this stuff :) If it weren't my brain-lapses requiring you to answer what most would consider rather obvious and self-evident questions, we'd have almost no traffic here. Except maybe the [OT] ones ;) -- Seeya, Paul It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003 [EMAIL PROTECTED] wrote: > On Mon, 14 Jul 2003, at 10:19am, [EMAIL PROTECTED] wrote: > > > Or, is it just easier to use iptables/netfilter on my system at home and > > make that the router/ firewall for my network? > > For someone with your experience level, Paul, I'd say to go with IPTables. > It isn't hard, and you'll never run into something you can't do. Perhaps the ideal solution would be to scare up a low-spec box and throw in a couple of cheap NICs, then put SmoothWall onto it. It'll give you everything a router can and more, is a snap to set up and configure, and you can ssh in to it and play with the config files directly when you have a particularly tricky hoop that needs jumping through. :) > Just don't define any routes via gateways that don't exist. ;-) Well, with the possible exception of that one ... ;) -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." - Douglas Adams ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, at 10:19am, [EMAIL PROTECTED] wrote: > So, I'm wondering about which DSL firewall boxes are decent, and can they > handle dynamic IP addresses? Define "decent". You can go into Staples or Best Buy or CompUSA or even Wal-Mart and buy just about any "SOHO router" and get a fair product. LinkSys, NetGear, Belkin, SMC are popular brands. Even Microsoft is reselling someone's stuff now. Standard features include: NAT; elementary firewall; web-based UI that usually works with Mozilla; DHCP/PPPoE/static on the WAN side; DHCP server on the LAN side. Most let you do basic port forwarding, port filtering, and that sort of thing. Most are also very inflexible: They do exactly what they do, and nothing more. If you hit a limitation, your only options are to get rid of it or do without. You'll find everyone has bad experiences with some of the brands. They crank these things out by the thousands for next to no money. They rev the firmware constantly as they try to add this or that new feature or debug this or that quirk. The fact of the matter is, you're getting what you pay for with these things. They are perfectly fine for the average home user who wants to read email and download porn and pirated music, but they're not carrier class equipment and never will be. > Or, is it just easier to use iptables/netfilter on my system at home and > make that the router/ firewall for my network? For someone with your experience level, Paul, I'd say to go with IPTables. It isn't hard, and you'll never run into something you can't do. Just don't define any routes via gateways that don't exist. ;-) -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
more than a theory. WIth the Linky befsr41, some of the newer firmware is (using a highly technical term here), crap. Some of the 1.43.x releases had problems causing the router to hang often. Fortunately, I had kept some older releases around and was able to flash back to a stable 1.42.x version (.7 is good). As usual, if it's not broken... every brand seems to have some problems and some good points. I and a lot of others have had real good luck with this unit. I've known some dlink, smc, netgear to work and not work too... The other thing that I have found is to keep the AP separate from the router. This has come in handy when the location for the router isn't optimal as I can move the AP to a better location without resorting to boosters. And, when it's time to upgrade to a newer AP or to the VPN router, I can do it without taking everything down... joe > I have the same thing and 2 of my friends do as well - we all had the same > issue... all of a sudden, the thing just started freaking out, I've personally seen both sides of this case. I'm on my second BEFW11S4, having left the first with my parents for them to use. I typically use mine as an AP/switch only, and my parents use theirs as a gateway to TW RoadRunner service. I have had no problems with either one. Two cow-orkers recently purchased this model on my recommendation and have each had problems with theirs. Off the top of my head I can remember DHCP/PPPoE dropouts, port forwarding mixups, and general flakiness. Usable, but frustrating. My best theory on the issue is that this particular model has been "improved" to its current state. My two units were both purchased 1-2 years ago and are the original hardware release. The other two were new in the last 6-9 months, and are probably version 3 or 3.2. It's quite possible that recent versions just aren't as stable as the original and no amount of firmware patching can fix it. But that's just a theory. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 14 Jul 2003, Ben Boulanger wrote: > On Mon, 14 Jul 2003, Jerry Feldman wrote: > > I have a Linksys BEFW11S4 4 port Wireless. > > I have the same thing and 2 of my friends do as well - we all had the same > issue... all of a sudden, the thing just started freaking out, I've personally seen both sides of this case. I'm on my second BEFW11S4, having left the first with my parents for them to use. I typically use mine as an AP/switch only, and my parents use theirs as a gateway to TW RoadRunner service. I have had no problems with either one. Two cow-orkers recently purchased this model on my recommendation and have each had problems with theirs. Off the top of my head I can remember DHCP/PPPoE dropouts, port forwarding mixups, and general flakiness. Usable, but frustrating. My best theory on the issue is that this particular model has been "improved" to its current state. My two units were both purchased 1-2 years ago and are the original hardware release. The other two were new in the last 6-9 months, and are probably version 3 or 3.2. It's quite possible that recent versions just aren't as stable as the original and no amount of firmware patching can fix it. But that's just a theory. - -- Matt BrodeurRHCE [EMAIL PROTECTED]http://www.NextTime.com Why be difficult when with a bit of effort you can be impossible? -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/EwQzc8/WFSz+GKMRAqNNAJ9tc0O1j53O7c4XIr/t8j8tDbaDcwCdE4Me mxCjkf+65AbtU+m6DiMYpXE= =9QR2 -END PGP SIGNATURE- ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003, Jerry Feldman wrote: > I have a Linksys BEFW11S4 4 port Wireless. I run it 24X7 with zero > problems. The only reason I have ever shut it down was to flash a new > firmware or when Comcast changed over the other day, I booted Windows > and connected my PC directly. I have the same thing and 2 of my friends do as well - we all had the same issue... all of a sudden, the thing just started freaking out, Wouldn't forward packets, and then the wireless just stopped working. I'm avoiding linksys for awhile... Ben -- Behind an able man there are always other able men. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
On Mon, 14 Jul 2003 12:46:57 -0400 Kurth Bemis <[EMAIL PROTECTED]> wrote: > Stay away from Linksys. We have about 50 8 port firewall/gateway > poxed deployed. They seem to "go dumb" and need a reboot once an a > while, even with the new firmware, also throughput isn't that good on > them, compared to the netgear routers that we have deployed... > > Maybe now that cisco owns them they'll start making decent products > again. I have a Linksys BEFW11S4 4 port Wireless. I run it 24X7 with zero problems. The only reason I have ever shut it down was to flash a new firmware or when Comcast changed over the other day, I booted Windows and connected my PC directly. -- Jerry Feldman <[EMAIL PROTECTED]> Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9 pgp0.pgp Description: PGP signature
Re: DSL firewall/router solutions?
> On Mon, 14 Jul 2003, "Travis" == Travis Roy wrote: Travis> Any decent "broadband router" can deal with DHCP. Good to know, since I've never looked at any of these :) Travis> I've used linksys ones with great results, I have some Travis> friends using Netgear ones that also work good. Thanks. I've always been a big fan of NetGear b/c of their Linux support. I'll check them out. -- Seeya, Paul -- Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE It may look like I'm just sitting here doing nothing, but I'm really actively waiting for all my problems to go away. If you're not having fun, you're not doing it right! ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
Stay away from Linksys. We have about 50 8 port firewall/gateway poxed deployed. They seem to "go dumb" and need a reboot once an a while, even with the new firmware, also throughput isn't that good on them, compared to the netgear routers that we have deployed... Maybe now that cisco owns them they'll start making decent products again. ~kurth Travis Roy wrote: However, they charge more than I'm willing to pay for a static IP. So, I'm wondering about which DSL firewall boxes are decent, and can they handle dynamic IP addresses? Or, is it just easier to use iptables/netfilter on my system at home and make that the router/ firewall for my network? Any decent "broadband router" can deal with DHCP. The only thing you usually have to worry about is when ISPs (like MediaOne back in the day) would renumber and kill your DHCP lease in the middle of a lease, but a reboot of the system/router would fix that. I've used linksys ones with great results, I have some friends using Netgear ones that also work good. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
RE: DSL firewall/router solutions?
> However, they charge more than I'm willing to pay for a static IP. > So, I'm wondering about which DSL firewall boxes are decent, and can > they handle dynamic IP addresses? Or, is it just easier to use > iptables/netfilter on my system at home and make that the router/ > firewall for my network? Any decent "broadband router" can deal with DHCP. The only thing you usually have to worry about is when ISPs (like MediaOne back in the day) would renumber and kill your DHCP lease in the middle of a lease, but a reboot of the system/router would fix that. I've used linksys ones with great results, I have some friends using Netgear ones that also work good. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
--- [EMAIL PROTECTED] wrote: > So, I'm wondering about which DSL firewall boxes are decent, and can > they handle dynamic IP addresses? I used one from DLink (DI-704) with a dynamic IP address when I had broadband. If I recall correctly, when your broadband modem boots up it will go find an IP address and then set via DHCP the WAN address on the router. Something like that anyway. It was very straightforward to configure. -Mike- = "The power of accurate observation is commonly called cynicism by those who have not got it" -George Bernard Shaw __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: DSL firewall/router solutions?
We use a lot of Greatspeed brand routers for our corporate DSL offerings. They seem to be pretty reliable, and they have models with a decent built-in firewall. Check ebay, you can usually find them out there for less than $100. Check out www.dyndns.org , or similar, for a free dynamic dns service. There are linux clients that will update your IP address, so you can have a "static" hostname like "pll.dyndns.org" that will always be mapped to your current DHCP WAN IP. On Mon, 2003-07-14 at 10:19, [EMAIL PROTECTED] wrote: > I'm about to order DSL. Unfortunately, SpeakEasy isn't available in > my area, so I'll likely go with Earthlink. Since they're > my current ISP, it at least makes the switch easier, i.e. now e-mail > address changes :) ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
