I would take a 3rd NIC for the BSD Box attached to the internet and i'd move all machines offering services to the Internet (www, smtp, dns, ...) in an extra area (DMZ).
Do you need to use dhcp? If so i would install the service on an machine internal area.
:-)hno
Thanx for your reply, chewie71,
That`s what i want to read. I also work at an ISP and my predecessor built an Firewall solution based an OBSD 3.0 and IPF as PacketFilter (he said the pf code is insecure). I´d like to use pf cause of the nice features.
THX for your reply.
:-)hno
Hi,
i´m useing OpenBSD 3.0 with isakmpd for ipsec-tunneling (for mobile clients using ssh-sentinel).
Is it possible to limit the number of concurrent IPsec-tunnels.
Thx :-)hno
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.