Solved

Firewall for home

Posted on 2011-09-23
3
663 Views
Last Modified: 2012-05-12
I would like some advice on wether to go with ipcop 2.0 or use a ASA 5505 for my firewall at home. I have a satalite connection 1.5mps that i use for internet connection. I would like to be able to monitor traffic and of course keep ppl out. My network will consist of a direcway 9000 for internet connection. A cisco e4200 wireless router, then either the ipcop or cisco asa5505. This is what i will use on the network: 2 laptops, 2 ipads and a desktop pc. I have some understanding of networking but a long ways to go. i have used the prvious version of ipcop and liked how it showed the connections(incoming and outgoing). The cisco 5505 i have used the gui but i dont know how to see the incoming and outgoing traffic. i also dont know the cli. So any advice for me would be most gracious. I am looking for a why one may be better solution than the other. The cisco ASA5505 has 1GB of memory and the ipcop will be a P4 with 1Gb of memory.
0
Comment
Question by:catndahat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Accepted Solution

by:
klodefactor earned 500 total points
ID: 36590663
IPCop is fine, and the P4 is more than enough to handle the traffic.  Myself,  I use m0n0wall (http://m0n0.ch/) for PC-based firewalls.  Like most such firewall software, it provides connection logging so you can monitor what's going through your firewall.  pfsense (http://www.pfsense.org/) is based on m0n0wall and is similarly good.

I haven't enjoyed using the Cisco ASA line of products for corporate use; preferring CheckPoint instead.  ASA may suffice for home use but with open source tools like IPCop/m0n0wall/pfsense, the cost is hard to justify if you have an old PC lying around.  Even if space/noise/heat/power are an issue, you can purchase embedded form-factor PCs that run e.g. m0n0wall (http://www.applianceshop.eu/index.php/firewalls/opnwall/desktop-editions.html) for roughly $300.  That's much less than the cost of an ASA 5505.

By the way I think you're saying your network will look like this:
Direcway 9000  ---  Cisco E4200  ---  Firewall  ---  LAN
Depending on your security requirements, this may also be suitable
Direcway 9000  --- Firewall  ---  Cisco E4200
                               |
                                \---  LAN
In other words you use three separate NICs on the firewall, so each element is on its own network.  This lets you use your firewall for things like VPN and/or captive portal for wifi connections, adding to the security already provided by e.g. WPA2.

--klodefactor
0
 
LVL 18

Expert Comment

by:jmeggers
ID: 36592841
I use a  5505 at home and am happy with it, but I've never really tried anything else.  There are some limitations in the ASA (no PBR, no outside load-balancing of ISP connections) but so far none of those apply to my situation.
0
 

Author Closing Comment

by:catndahat
ID: 36592869
Hey thanks for the response and other suggestions. I will try the m0n0wall and see if I like it.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
BGP DUAL ISP with IP SLA 10 70
ACL not working 11 64
Rogue RDP Connections 5 109
Export and Import an SPA 8000 config 7 43
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question