Router, firewall, both, confusion...

Archived from groups: comp.security.firewalls

Which piece of the puzzle handles NAT / port redirection? I'm thinking
either, but my opinion is based on very limited experience with GTA
firewalls such as the old RoBox and GnatBox-Pro.

My real problem is I need a new firewall. My RoBox died and they want too
much to fix it. The GnatBox-Pro is obsolete and I need some newer features.

There is a Cisco T1 router that belongs to the ISP with a single net connection
to me. That connection is going to the old GnatBox-Pro.

I have a block of 8 IP addresses from the ISP which lets me use 5 of them.
I have domains and web sites on each of the 5. All incoming SMTP and POP3
traffic to go to one internal IP address to either an exchange server or a
standalone mail server (currently on the private network). All the port 80
stuff currently goes to a different IP on a machine in the DMZ
(semi-private). The port 80's are remapped to ports 1080, 2080, 3080, etc.
on a single web server box.

I am looking at either a new GB-200 or a Cisco 871 to replace the
GnatBox-Pro. The main plus for the GB-200 is I know it will do what I want.
The question I have is, is what I described generally true of
router/firewall products or is it unique to the GBA products?

Scott
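
The layout described in the question, written out as a destination-NAT table and rendered as Linux iptables rules. This is an added example, not part of the original post; the addresses (documentation and private ranges), the interface name `eth0` and the function names are assumptions.

```python
import ipaddress

# Constructed sample layout: documentation addresses stand in for the ISP block,
# the DMZ web server and the private mail server (all assumptions).
PUBLIC_IPS = [f"203.0.113.{n}" for n in range(2, 7)]   # the 5 usable addresses
WEB_SERVER = "192.168.2.10"    # single web server box in the DMZ
MAIL_SERVER = "192.168.1.25"   # mail server on the private network
MAIL_PORTS = {"smtp": 25, "pop3": 110}


def build_forwards():
    """Return {(public_ip, public_port): (inside_ip, inside_port)}."""
    table = {}
    for i, pub in enumerate(PUBLIC_IPS, start=1):
        # Port 80 on the i-th public address lands on 1080, 2080, 3080, ...
        table[(pub, 80)] = (WEB_SERVER, i * 1000 + 80)
        # SMTP and POP3 on every public address go to the one mail server.
        for port in MAIL_PORTS.values():
            table[(pub, port)] = (MAIL_SERVER, port)
    return table


def translate(table, dst_ip, dst_port):
    """Inbound TCP destination after NAT; None means nothing is forwarded."""
    return table.get((dst_ip, dst_port))


def iptables_rules(table, wan_if="eth0"):
    """Render the table as DNAT rules plus the matching FORWARD accepts."""
    rules = []
    for (pub, pport), (inside, iport) in sorted(table.items()):
        ipaddress.ip_address(pub)      # raises ValueError on a mistyped address
        ipaddress.ip_address(inside)
        rules.append(f"iptables -t nat -A PREROUTING -i {wan_if} -d {pub} -p tcp "
                     f"--dport {pport} -j DNAT --to-destination {inside}:{iport}")
        # The filter table sees the packet after DNAT, so it matches the inside
        # address and port. Return traffic needs a separate ESTABLISHED rule.
        rules.append(f"iptables -A FORWARD -i {wan_if} -d {inside} -p tcp "
                     f"--dport {iport} -m conntrack --ctstate NEW -j ACCEPT")
    return rules


if __name__ == "__main__":
    print("\n".join(iptables_rules(build_forwards())))
```
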
  1.

    > Which piece of the puzzle handles NAT / port redirection?

    Any/all of them.

    Just keep in mind that a network firewall IS a router, in addition to having
    more robust firewall capabilities. A router has a very limited set of
    firewall capabilities, but does have some. Usually, both can do NAT.

    A firewall can usually handle the whole shebang, because it has high
    capability in all areas. A router can usually only handle routing/NAT and
    (somewhat) limited firewall functions.


    -Frank
  2.

    Frank <Frank@spam2trash.com> wrote:
    > Just keep in mind that a network firewall IS a router

    Not every firewall is a router.

    Yours,
    VB.
    --
    "It cannot be that the frustrated in Rome decide what happens in
    German bedrooms."
    Harald Schmidt on "World Youth Day"
  3.

    > Not every firewall is a router.

    As I said, every network firewall is a router.

    -Frank
  4.

    In article <2q2dnX-s0onbDaveRVn-sQ@giganews.com>,
    Frank <Frank@SPAM2TRASH.com> wrote:
    :> Not every firewall is a router.

    :As I said, every network firewall is a router.

    Only if you create a circular definition, that a device is not
    a "network firewall" unless it is a router.

    There are several vendors (e.g., Cisco) who make Layer 2 Transparent
    Firewalls, which can sit inline and do layer 4 filtering, without
    "routing" the packets. These firewalls do -not- join multiple
    broadcast domains (the basic definition of a router): both
    sides of them are in the -same- broadcast domain, and the L2T
    firewalls pass the broadcast traffic between the two sides
    [in accordance with the filtering rules.]
    --
    I am spammed, therefore I am.
  5.

    Frank <Frank@spam2trash.com> wrote:
    > > Not every firewall is a router.
    > As I said, every network firewall is a router.

    Not every network firewall is a router. There are bridging firewalls,
    for example.

    Yours,
    VB.
    --
    "It cannot be that the frustrated in Rome decide what happens in
    German bedrooms."
    Harald Schmidt on "World Youth Day"