Solved

What's the ADSL device to use to host a software firewall on a normal PC

Posted on 2015-02-24
8
157 Views
Last Modified: 2015-03-03
I have an ADSL modem that I would like to replace with a computer that has a firewall on it (Pfsense) and I would like to know what kind of device to use on this PC in order to connect to the ISP. Would a USB Modem or faxmodem work? or there's something else that work.

My ADSL Modem is connected with a normal PSTN line.

I would appreciate any suggestion.
0
Comment
Question by:Mohammed Hamada
8 Comments
 
LVL 9

Accepted Solution

by:
Benjamin MOREAU earned 125 total points
ID: 40627868
I think it will be better to use a modem with LAN interface. You will directly connect your "wan ethernet" of you computer to the "LAN interface" of the modem.
0
 
LVL 14

Assisted Solution

by:Otto_N
Otto_N earned 250 total points
ID: 40627873
Basically, you have two types of ADSL devices - ADSL Routers (i.e. a Router with an ADSL uplink, which usually allow multiple PC's to connect the same Internet Access Point), and ADSL modems (a peripheral to a PC, which only allows the single PC access to the Internet Access Point).

You will need an ADSL modem that can connect to your PC.  And, as modems go, you may have the choice between internal or external modem.  You will then have to interconnect the PC with all the other devices you want to give internet access, and point them to the "Firewall PC" as default gateway to get their Internet access.

Note that a faxmodem (V.92) will not work, as it uses V.92 (over the voice channel on your PSTN line) to connect to the ISP POP, and not ADSL (that uses higher frequencies on the copper line, thereby increasing the bandwidth available.  You will need a modem that supports ADSL in particular.

You can use your existing ADSL router to accomplish this connectivity (as Benjamin stated above), but it depends on a couple of factors:  Do you want to use your existing ADSL router to interconnect the other computers in your domain (perhaps even via a WiFi Access Point)? This can be done if the router supports multiple VLANS, and if your Firewall PC have multiple LAN connections (or the ability to run 802.1Q trunking).  This is a bit more complex to set up, though...
0
 
LVL 23

Author Comment

by:Mohammed Hamada
ID: 40627981
The problem is that the ADSL modem restarts and sometimes doesn't work! and I'm also planning on hosting my own mail, ftp, communication servers and do some tests so I would like to publish those services on a dynamic IP that I have from my ISP. Pfsense has dynamic DNS feature that supports NOIP (Free dynamic dns service) and in the mean time I can use the FQDN for supporting all these services and the firewall for publishing the service and also filtering traffic..

If I get another ADSL Modem and connected one of its LAN port to my Firewall PC's WAN port and disabled static NAT of the firewall would that do the trick?

Thanks
0
 
LVL 14

Expert Comment

by:Otto_N
ID: 40627994
Yes, it should, although I'm not sure that you should disable the static NAT - The IP address on the LAN segment of the ADSL router would still be a Private address that must be NATed at some point to the PPPoA address the ADSL router gets assigned.  You should, however, turn of the firewall on the ADSL router, or configure it to permit anything, if you cannot disable it.

However, since you have to look at new hardware - If you can get an ADSL Modem (that can connect via USB to your Firewall PC), the modem interface would become the WAN port of your firewall software.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 23

Author Comment

by:Mohammed Hamada
ID: 40628019
Is there any USB modem that matches the ADSL router capabilities? I donno what standards are both using or what's the exact similarities or differences between them both to be honest.

Also Is it not possible to NAT the ADSL Public IP to the (WAN) port IP of the Firewall directly without doing so to the internal (LAN) IP of the modem?
0
 
LVL 14

Assisted Solution

by:Otto_N
Otto_N earned 250 total points
ID: 40630033
Yes, it's usually labelled "ADSL USB Modem" or something similar - Your ADSL provider (usually the Telco you get your phone line from) should have a list of approved modems and routers, or at least a specification of what the device should support.  They might even be able to supply you with one for free (usually in return for signing some kind of contract with them...)

There are some fundamental differences between an ADSL modem and ADSL Router - The ADSL modem only have two ports (Line & USB), and must be connected to a PC with the required software drivers to work.  The modem is actually a peripheral of the PC, and doesn't offer any LAN services.  The ADSL router, on the other hand, have more ports and operate in stand-alone mode.  It usually offers interconnectivity and Internet access via LAN ports.  However, on the ADSL side, they share the same options and specifications, although different models might support only some of the specs.  Note that, due to it's simpler function, modems should be cheaper than routers, in general.

Regarding the NAT question - Yes, you can do the NAT on the Firewall, if you configure PPPoE on the firewall PC, using the ADSL router only as a bridge.  It this way, the firewall will initiate the authentication with your ISP, and obtain a public IP from them via PPP.  How to configure the PPPoE depends on your OS.
0
 
LVL 26

Assisted Solution

by:Predrag Jovic
Predrag Jovic earned 125 total points
ID: 40631265
And I have advice - stay away from USB modems.
:)
What's wrong with ADSL router and putting host for mail, ftp, communication servers in DMZ (or to do a port forward)???
0
 
LVL 23

Author Closing Comment

by:Mohammed Hamada
ID: 40642721
Thanks everyone for your useful comments, I appreciate it
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now