EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Monday 25 November 2024, 02:59:06 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the Official Endian Reference Manual
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
General Support
EFW best practices, port forward per port or 1:1 nat?
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: EFW best practices, port forward per port or 1:1 nat? (Read 15939 times)
bangsters
Full Member
Offline
Posts: 34
EFW best practices, port forward per port or 1:1 nat?
«
on:
Monday 27 July 2009, 03:56:34 pm »
Hi.
How did you guys implement EFW in your cluster?
1. Port Forwarding. All ports are disabled except for the specific ports which are natted to the private IPs.
2. 1:1 NAT. Then in Firwall -> System Access disalbe specific ports, or enable these ports only for certain IPs. Like ssh and rdp ports only allowed on your IP.
Which method are you using? Currently how we implemented ours is using the first one. ALl ports are disabled. We enable specific ports (80,143,443, 25, etc) for each and every public IP and destination private IP. The result is a very long list of port forwarding rules.
Is the second option above a better choice? Why or why not?
Thanks
Logged
bangsters
Full Member
Offline
Posts: 34
Re: EFW best practices, port forward per port or 1:1 nat?
«
Reply #1 on:
Thursday 30 July 2009, 08:50:22 am »
bump anyone?
Logged
sterilegenie
Jr. Member
Offline
Posts: 2
Re: EFW best practices, port forward per port or 1:1 nat?
«
Reply #2 on:
Monday 03 August 2009, 11:59:17 am »
Im currently using Astaro Security Gateway and Im using Snat and Dnat, the rules are long, its a pain in the arse to get setup but once its done..... its done!
Im looking at Endian right now because I have reached my user license limit. I hope others chime in on this one to see what others suggest.
Logged
itguy12
Jr. Member
Offline
Posts: 3
Re: EFW best practices, port forward per port or 1:1 nat?
«
Reply #3 on:
Saturday 22 August 2009, 12:01:11 am »
What about SNAT? Do you have certain private IPs source NATed out as an external IP that is not your firewall IP? How did you accomplish this?
Logged
theonegod
Jr. Member
Offline
Posts: 2
Re: EFW best practices, port forward per port or 1:1 nat?
«
Reply #4 on:
Saturday 22 August 2009, 01:52:34 am »
I just setup one of these and I used Port Forwarding with access control entries in addition to SNAT settings. The list IS long but you can speed the process up a bit by editing the config file directly.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.109 seconds with 18 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com