Joined: Mar 31, 2006 Posts: 53 Location: London, England
Posted: Tue Dec 15, 2009 1:38 pm Post subject:
To not re-invent the wheel - I think you should have all your answers by now to make a decision.
Linux is a good choice when it comes to budget and customisation but could be risky if not configured well. If this has been working for you then why the change? (don't answer that)
Cisco routers as mentioned can meet your needs depending on your requirement as already mentioned above. You need to know the requirement to decide on which router to go for. Each of the routers come with different interfaces and you may be required to buy additional interface(s) based on requirement again.
As you have mentioned about "firewall" above you are now looking at ASA/Pix devices in addition to the router (for DHCP/traffic redirect etc). I'd do more feasibility study before. The rest of it can be achieved based on your requirements.
Good Luck!
-d- _________________ A smart person knows what to say, but a wise person knows whether or not to say it.
at C. I was thinking about allowing and external IP address to access my internal network on port 80, but only for a limited period of time. Hours, days, or forever.
There are many reasons why I'm thinking to replace my Linux router with a Cisco:
- the PC hardware is getting old
- software installed is a bit old too
- the many packages installed may not be to the latest version, and even if, some security holes (exploits) could be found.
- a Cisco performs better with large amount of traffic.
- is nice to have a Cisco to play with
- etc
S0lo wrote:
superudu wrote:
A. can i set more than 2 ips on a cisco router interface?
Yes you can do that by using the secondary keyword. The secondary IP addresses can be either on the same subnet or different subnets. Sub-interfaces will work too as sose mentioned but probably requires 802.1Q on the other side too.
superudu wrote:
B. and if yes, can i translate them by nat to specific private ip addresses ( 1 on 1) ?
Yes you can. And you can even translate multiple IPs even if they are not defined as secondary on an interface.
superudu wrote:
C. and a tricky one, if now i have a database with ip addresses that are allowed to come and see web pages from my internal network (each web page corresponds a public ip) - can i also make this type of filtering on a cisco? that is, deny for all but allow for some (and tell the reason, maybe time period)
If I got you well, yes you can. But I'm not sure what do you mean by "and tell the reason, maybe time period".
Thats as far as I know. By the way, it's so happens that this post comes 24 hours right after my first try of Vyatta http://www.vyatta.com
If you haven't tried yet, Vyatta is an open source router based on Linux, The OS is ofcourse free but they also sell dedicated appliances for it. As you might expect the prices are much lower than Cisco's, but the real plus comes if what they claim is true that it's faster than Cisco. I have no idea how valid their claim is, but I tried the PC based OS and it really looks promising.
Posted: Thu Dec 17, 2009 1:01 pm Post subject: I Voted on Linux Router...
Well for the Initial Vote Question; A company with 2 ISP link i will go on a Linux Router. Donanak made a point when he said Linux boxes could pose gr8 security risk and leak if not configured well...
I voted for a Linux Router.
C0DE - 3 _________________ I AM MADE TO SHINE... BORN TO BE GREAT
C0dE - 3
....................................................................
"Take Responsibility! Don't let failures define you"
View next topic View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You can attach files in this forum You can download files in this forum
