Firewall, OpenVPN and Squid question

2004-07-21 Thread Paul Hillen
Hi everyone, I am relatively new to the Unix world, have set up a couple of TINYDNS servers and a postfix relay server, so that is the extent of my FreeBSD knowledge. I have 2 Microsoft ISA servers in a BACK to BACK configuration providing a DMZ in-between that I would like to get rid of, way mo

Re: Firewall, OpenVPN and Squid question

2004-07-21 Thread Steve Bertrand
> There are 3 remote sites connecting to our network using GATEWAY to GATEWAY VPN and around 25 remote VPN users that must be dealt with also. Last item, there is a chance that I will have to connect 3 more remote sites into the picture within the next 6 months, so this needs to be scalab

RE: Firewall, OpenVPN and Squid question

2004-07-21 Thread Paul Hillen
04 2:10 PM To: Paul Hillen Cc: [EMAIL PROTECTED] Subject: Re: Firewall, OpenVPN and Squid question
> There are 3 remote sites connecting to our network using GATEWAY to GATEWAY VPN and around 25 remote VPN users that must be dealt with also. Last item, there is a chance that

RE: Firewall, OpenVPN and Squid question

2004-07-21 Thread Steve Bertrand
> I have around 100 users at our site that would require the use of squid, we house our own webserver, mail server, public DNS servers in the DMZ and 2 private DNS servers on the internal network, used by both Internal and VPN users.
>
> Sites connecting Gateway to Gateway, there are apprx

Re: Firewall, OpenVPN and Squid question

2004-07-21 Thread Micheal Patterson
- Original Message - From: "Paul Hillen" <[EMAIL PROTECTED]> To: "Steve Bertrand" <[EMAIL PROTECTED]>; "Paul Hillen" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, July 21, 2004 1:33 PM Subject: RE: Firewall, OpenVPN

RE: Firewall, OpenVPN and Squid question

2004-07-21 Thread Steve Bertrand
>> We have about 6000 users, and the FBSD firewall never ever hiccup'ed. I could even run tcpdump for hours, and it would rarely ever drop even a single packet.
>
> What size hardware is your firewall running on to handle the potential of 6000 users accessing your internal servers for mail,

Re: Firewall, OpenVPN and Squid question

2004-07-21 Thread Steve Bertrand
>> I have around 100 users at our site that would require the use of squid, we house our own webserver, mail server, public DNS servers in the DMZ and 2 private DNS servers on the internal network, used by both Internal and VPN users.
>>
>> Sites connecting Gateway to Gateway, ther

RE: Firewall, OpenVPN and Squid question

2004-07-21 Thread Paul Hillen
From: Steve Bertrand [mailto:[EMAIL PROTECTED]
>>> I have around 100 users at our site that would require the use of squid, we house our own webserver, mail server, public DNS servers in the DMZ and 2 private DNS servers on the internal network, used by both Internal and VPN users.

RE: Firewall, OpenVPN and Squid question

2004-07-21 Thread Steve Bertrand
> I would have to guess if a hardware firewall like Watchguard that offers VPN also, that it would have to be beefier than that. Steve going back to your initial response about the PIII 800MHz network, are you using a proxy for the internal users or are they connecting directly to the firewal

RE: Firewall, OpenVPN and Squid question

2004-07-22 Thread Paul Hillen
Want to thank you guys for your help; I set up my first firewall last night. Granted it is basic, and I have a lot of work to do yet, but it's a start. It is routing and letting my test machines access the web. Hopefully the last question (yeah right): I decided to use IPFILTER and appears to be easy

RE: Firewall, OpenVPN and Squid question

2004-07-22 Thread Murray Taylor
If you run your own DHCP server then you can lock IP numbers via their MAC id there for the machines you trust. Then allow them appropriate access via ipf and corral the rest. (In DHCP create a 'pool' for others that uses a different section of your IP range.) HTH mjt On Thu, 2004-07-22 at 23:51