[Chugalug] Firewall placement?
dave at brockmans.com
Thu Sep 5 18:00:44 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 9/5/2013 11:24 AM, Christopher Rimondi wrote:
> If you will rely on this firewall to view logs then place it
> somewhere it can see the internal IP addresses, i.e. that it just
> won't see a NAT'd IP.
Come again, slowly this time? Where would you put your firewall where
it would not see internal IP addresses in a SOHO environment? Since
SOHO firewall or router really both mean NAT device?
It really depends on your topology and what you want to accomplish.
If you have Cable Internet, then you will have a router (SMC gateway)
and then a firewall. If you are on EPB, you can WAN straight into
your firewall. I prefer a proper border router in front of my
firewall, but that requires someone asking EPB for a routed circuit
for their statics.
No such option with Comcast, you just get to deal with their bridge,
you don't have a single choke point if you have more than 1 static.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Chugalug