Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 21 Aug 2002 20:35:26 -0400
From:      "RDWestSr@hotpop" <rdwestsr@hotpop.com>
To:        <freebsd-questions@freebsd.org>
Subject:   Firewall Help plz
Message-ID:  <001401c24973$cf3fb240$0a00a8c0@papabear>
next in thread | raw e-mail | index | archive | help 
hi guys,
i need a little input on freebsd firewalls--
check my ideas out and maybe advise me the best route and point me to some
detailed links etc...
     a friend of mine asked me to help him get his small business online.
i'm looking for some ideas on this.  my questions...

10 computers
- 1 server
-9 clients

ok,  all customer info, orders, etc is kept on the server...   he has 9
employees that log into the server from their client pc to update and change
information etc...

now his employees want on the net to surf, mail, download mp3's etc...
he's getting a commercial cable account

what is the best secure way to build the firewall or wall(s) for the
network....
hummm
the server needs a big wall :)
here's my thinking

the server has to be secure enough that if and when a client gets hacked
that they can't get into the server and screw it up...

so...
NET->
FREEBSD _FIREWALL/GATEWAY (nic cards to 2 networks)
LAN_#1(all 9 clients)
LAN_#2(the server)
-------------------  or
NET->
FREEBSD _FIREWALL/GATEWAY-#1->
#1-LOCAL_AREA_NETWORK->
FREEBSD _FIREWALL/GATEWAY-#2->
THE_SERVER
--------------------
here's my main question--
can freebsd be setup by MAC ID access ?????
my ideas are to route access for the clients on ports 20,21,25,53,80,110 to
access net while nic #2 of LAN#2 is setup where only the 9 MAC IDs of the
LAN#1 can access the server...

thats my way of thinking...    i was thinking a double firewall would be
more secure than a single firewall box...

tx in advance guys...
i'm just trying to save him a ton of money here while making it safe for his
employees to get on the net...

RDWestSr



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001401c24973$cf3fb240$0a00a8c0>