Router : Port Forwarding Rules

Anyone know a router that  can accept has unlimited port forwarding rules or are there any alternatives to acheive this.

Unlimited? There would come an eventual limit somewhere anyway... but the real question is why do you want to have so many port forward rules?

What kind of implementation are you using this for?  A small dev/test/home network, or a production enterprise environment, and should it be ethernet to ethernet or do you need T1 interfaces and the like?

Depending on what you want to spend .... I know a cisco 800 series will do a lot more than 30.

Thanks
Scott

I use a linux machine for NAT-ing my internet connection, it can probably handle thousands of forward rules.

The Linksys WRT54GS routers have a number of open source firmware packages available for them.  You can also telnet into the device to setup a number of the features so that you can work around any of the limitations that the GUI has like a fixed number of port mappings.

Well i have 3 application running on each server, and Each application need 27 port forwarding rules.
As of now i am looking for 81 (27x3) port forwarding rules, but
i would like have more port forwarding rules, when i add couple more server.

Try IPCOP with multipule interfaces and an OLD DOG of a machine and your off and running not to mention easy to setup.

For as many ports as you are looking at I think you may want something a little more sophisticated than the Linksys.  Maybe something like a Cisco PIX 501 or 506e so that you can just do static NAT entries to NAT specific public IPs to specific private IPs and then use the access lists to open up ports to those public IPs.  That I think is going to be the way to go.

i would think a PIX firewall would be overkill however IMHO a Cisco 800 series router would be an excellent choice for the SOHO user without causing too many headaches in configuring

Well , I am trying to set up a network for a starup. Network tend to grow in future.

At this point my concern is to keep up the network up and running. ( port forwarding is need for this task), but down the road i am pretty much sure that security  will also play an important role. ((firewall implementation & virus, worm protection)

Keeping this as a prespective what would be an apt solution ?  IPCOP, Cisco 800, Cisco PIX .......

the balancing act that I have always found very hard in engineering any network is cost VS performance... If this is a startup and you have a budget that allows you to buy a Cisco PIX then by all means that would be my prefered.  Also what type of connectivity do they have currently ethernet?  what are they planing to grow into in say 1 year to 3 years.  a cisco2621 with firewall software does a great job for small traffic loads.

Thanks
Scott

$$ is not a problem as of now, but i want to spend in wiser manner. (job security)
I was checking out Cisco PIX 506E & 515E.
Firewall and Security of theses router can be customized? If yes how flexiable ? are theses better in the market ?

well it also depends on the throughput required as well as the level of security .... is your internet handed off to you via ethernet Serial??? how is that handled?

DSL->Router->Switch->Servers->workstation

I would look at a PIX of another kind of firewall for sure and put it were the router is.... the DSL I assume is a modem and you get a static IP address range?

Thanks
Scott

I have one static IP address from a cable company.
There is going to be only one external IP as of now.

a pix 506E then is the way to go.... we use these for all of our remote offices they are very functional.

Thanks
Scott

Diffrence between PIX 506 & PIX 515

Cisco website does not show good comparision chart between PIX 506 & PIX 505 routers , or may be i did not get the correct link to look at rite place

Cisco website does not show good comparision chart between PIX 506e , PIX 505 & PIX 515 routers , or may be i did not get the correct link to look at rite place.

What better featues does PIX 515 have over PIX 505 & 506e

The 515 allows more VPN connections, and also allows you to configure more advanced functions like failover between two firewalls.  The 501 is for a very small office and I don't believe supports any VPN connections, whereas the 506 does support a few (maybe 3 i think?)

The 515E is really nice it is a 1U unit and has a lot more expandability.  If you can swing the 515E this is a great PIX to use.

Thanks
Scott

I would recommend a Cisco PIX 515E however they are quite expensive but as you said £££'s are not an issue. We use it at our Datacenter and they work fine, however their backup and restore procedures are a bit tricky, alternatively, I would recommend Windows ISA Server as a firewall which can take unlimited rules and it can be backed up.

What kind of expandability options does PIX 515 have over PIX 506e.


Firewall configuration ? Memory expansion ?? .....