From: "Micheal Patterson"
To: "Steve Bertrand", "Paul Hillen"
cc: freebsd-questions@freebsd.org
Date: Wed, 21 Jul 2004 14:19:09 -0500
Subject: Re: Firewall, OpenVPN and Squid question

----- Original Message -----
From: "Paul Hillen"
To: "Steve Bertrand"; "Paul Hillen"
Sent: Wednesday, July 21, 2004 1:33 PM
Subject: RE: Firewall, OpenVPN and Squid question

> I have around 100 users at our site that would require the use of squid, we
> house our own webserver, mail server, public DNS servers in the DMZ and 2
> private DNS servers on the internal network, used by both Internal and VPN
> users.
>
> Sites connecting Gateway to Gateway, there are approx. as follows;
> Site 1 - 25 users
> Site 2 - 5 users
> Site 3 - 12 users
> Our site VPN users are approx. 25, and about 50% of them are connected at any
> given time.
>
> My first thought is to put up a Firewall box that can handle the load of
> publishing many internal boxes and "publish" a box with OpenVPN and another
> for SQUID and just keep them all separate.
>
> Will this setup put too much strain on the FIREWALL box or will it have no
> problem handling the NAT/ROUTING in this configuration?
>
> Thanks in advance
> Paul
>

Considering that many of the current hardware firewall solutions aren't much
more than either a BSD or Linux kernel in a ROM chip, with a 486 or 586 based
CPU, memory, and a nice GUI (Windows or Internal Web interface), I can't see
why a similar system on a PC would be any different.

--
Micheal Patterson
TSG Network Administration
405-917-0600