Hey Chris, and everyone else. I'm still in search for a solution or at
Chris showed me this unit...
and I'm not sure if one of those ports it considered OPT1 or not. I
would need a port for OPT one to bridge to the WAN port, so can
someone tell me if that does have one? I looked through the specs and
nothing stood out to me.
Also, i'm wondering more how I would actually do this. Lets say the
unit is at a colocation place and I have 1 cable. Lets say I order 2
1MB connections and i am given 2 subnet ranges I can use. Is it
possible to route both subnet ranges like say... 188.8.131.52/29 and
184.108.40.206/29, so i'd have those two setups, could i route them
Another setup could be that I just get more IPs for my current
connection (1MB) and up it to 2MB. so that setup would be something
like... 220.127.116.11/28 (I'm using a subnet calc for this, so if i'm
doing it all wrong, just try and adjust the number in your head) how
would I route just that one subset of ips through the monowall?
I want 2 servers to be connected and I'm sure i'll need a small
switch, but if i can find a WRAP with 2 OPT interfaces then great...
but that would mean it has to have 4 ports.
Thanks in advance for the help.
On 5/21/06, Chris Buechler <cbuechler at gmail dot com> wrote:
> On 5/21/06, Josh Hyles <josh dot maillists at gmail dot com> wrote:
> > I use m0n0wall at home and love it to death, but I need m0n0wall in a
> > production environment. I am wondering a few things here. Is m0n0wall
> > a good solution for securing a webserver/SQL server from hackers and
> > such?
> It's, as with any firewall, as good as it's configured. It can't
> protect you from traffic you permit, and since you have to permit
> traffic to a web server via HTTP at least, it won't protect you from
> everything. It'll do a great job of closing off any services you
> don't want publicly accessible.
> My point is, with any firewall, don't think "there's a firewall in
> front of my web server, so it's secure". That's not going to protect
> you from web server or web application vulnerabilities or
> the type of setup you probably want with only two servers is this: