0

Currently we have shorewall running as our firewall, but we're switching over our network to something lighter. We were thinking of using a Linksys E2000 and installing DD-WRT. We have a cable internet connection with three assigned IPs. As part of our internal network, we've got three servers that go into a DMZ. Currently all machines on the 10.1.3.X subnet are in the DMZ. All machines on the 10.1.4.X subnet are the local infrastructure like domain controllers, internal development, database servers.

Various ports are opened on machines across the network to the outside world. A web server here, a mail server there.

Is this too much for WRT to handle? Any pointers on how to do it? Is the selection of routers appropriate?

EDIT: I should add that it would be best if one of the ports was the DMZ. Is that possible?

jeffkolez

2 Answers

7

DD-WRT is nice for routing, but if you're replacing a firewall, I would lean towards pfSense or Endian as a firewall solution instead of a router with firewall capabilities.

Greg Buehler
0

DD-WRT isn't capable of allocating a physical port on your hardware like most firewalls can; however, it can certainly handle DMZ / NAT type tasks, which are the primary function of most firewalls.

http://www.bizsystems.net/howto/DD-WRT_DMZ-with-static-public-subnet.html

PMGoldstein