Sign in with
Sign up | Sign in
Your question

Router, firewall, both, confusion...

Last response: in Networking
Share
Anonymous
September 23, 2005 2:37:11 PM

Archived from groups: comp.security.firewalls (More info?)

Which piece of the puzzle handles NAT / port redirection? I'm thinking
either, but my opinion is based on very limited experience with GTA
firewalls such as the old RoBox and GnatBox-Pro.

My real problem is I need a new firewall. My RoBox died and they want too
much to fix it. The GnatBox-Pro is obsolete and I need some newer features.

There is a Cisco T1 router belongs to the ISP with a single net connection
to me. That connection is going to the old GnatBox-Pro.

I have a block of 8 IP addresses from the ISP which let's me use 5 of them.
I have domains and web sites on each of the 5. All incoming SMTP and POP3
traffic to go to one internal IP address to either an exchange server or a
standalone mail server (currently on the private network). All the port 80
stuff currently goes to a different IP on a machine in the DMZ
(semi-private). The port 80's are remapped to ports 1080, 2080, 3080, etc
on a single web server box.

I am looking at either a new GB-200 or a Cisco 871 to replace the
GnatBox-Pro. The main plus for the GB-200 is I know it will do what I want.
The question I have is, is what I described generally true of
router/firewall products or is it unique to the GBA products?

Scott
September 24, 2005 11:46:06 AM

Archived from groups: comp.security.firewalls (More info?)

> Which piece of the puzzle handles NAT / port redirection?

Any/all of them.

Just keep in mind that a network firewall IS a router, in addition to having
more rubust firewall capabilities. A router has a very limited set of
firewall capabilities, but does have some. Usually, both can do NAT.

A firewall can usually handle the whole shebang, becuase it has high
capability in all areas. A router can usually only handle routing/NAT and
(somewhat) limited firewall functions.



-Frank
Anonymous
September 24, 2005 9:04:45 PM

Archived from groups: comp.security.firewalls (More info?)

Frank <Frank@spam2trash.com> wrote:
> Just keep in mind that a network firewall IS a router

Not every firewall is a router.

Yours,
VB.
--
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
Harald Schmidt zum "Weltjugendtag"
Related resources
September 25, 2005 9:55:48 AM

Archived from groups: comp.security.firewalls (More info?)

> Not every firewall is a router.

As I said, every network firewall is a router.

-Frank
Anonymous
September 25, 2005 8:17:27 PM

Archived from groups: comp.security.firewalls (More info?)

In article <2q2dnX-s0onbDaveRVn-sQ@giganews.com>,
Frank <Frank@SPAM2TRASH.com> wrote:
:> Not every firewall is a router.

:As I said, every network firewall is a router.

Only if you create a circular definition, that a device is not
a "network firewall" unless it is a router.

There are several vendors (e.g., Cisco) who make Layer 2 Transparent
Firewalls, which can sit inline and do layer 4 filtering, without
"routing" the packets. These firewalls do -not- join multiple
broadcast domains (the basic definition of a router): both
sides of them are in the -same- broadcast domain, and the L2T
firewalls pass the broadcast traffic between the two sides
[in accordance with the filtering rules.]
--
I am spammed, therefore I am.
Anonymous
September 26, 2005 11:13:28 AM

Archived from groups: comp.security.firewalls (More info?)

Frank <Frank@spam2trash.com> wrote:
> > Not every firewall is a router.
> As I said, every network firewall is a router.

Not every network firewall is a router. There are bridging firewalls,
for example.

Yours,
VB.
--
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
Harald Schmidt zum "Weltjugendtag"
!