Hello all. I am currently running a BSD based firewall/router for my company called M0n0wall. It is a fabulous open source (hence free!) firewall system http://m0n0.ch/wall/
My question is, if I wanted to migrate to a Cisco product and dump the M0n0, would the 1801 be the right router for my needs? Currently my M0n0wall has four FE 10/100 interfaces broken into:
fe 0/1 - Functions as a PPPoE (connects directly to my ADSL modem for WAN connectivity) to AT&T
fe 0/2 - Lan Interface 192.168.1.0/24 (Supports less than 6 PC's on same subnet). DHCP is enabled from M0n0 wall to hand out IP, DNS, and Gateway info for clents. NAT overload is also done on this interface to let my workstations have internet access.
fe 0/3 - WiFI Lan 10.10.10.0/24. Connects directly to a netgear AP. The Netgear AP is in "dumb" mode. In other words, all the AP does is allow association/authentication. M0n0 wall's DHCP hands out IP,DNS, and Gateway info for this subnet as well as for my Lan subnet. NAT overload is done on this interface as well as it is a public "hotspot". I have strict firewall rules enabled so that only a select few ports are available to clients (i.e. web, dns, pop3, smtp) Also, I have traffic shapeing enabled so that the wifi clients uplink speeds are throttled to around 100Kbps. This prohibits spammers from sending megabytes of spam from my ip. I have a captive portal enabled that redirects all clients after authenticaion to agree to a TOS before they are allowed internet access. This is my "safety net" to protect us from spammers, pornos, etc... If they don't agree to the TOS they don't have net access.
fa 0/4 - Server Subnet - 10.10.11.0/24 - Web, email, and ftp servers reside here. I have static mapping enabled so that WAN specific traffic destined for my IP (port 80 web, smtp, pop3, ftp) can get to this interface since this interface has my servers on it that outside traffic must get to. I consider this zone the DMZ as it is the only zone that outside traffic is allowed too.
Is the 1801 something I could migrate to if I didn't want to use M0n0? Would it do the above things? I am not sure it has any kind of traffic shaper or captive portal built into it, however.
Also, I noticed the 1801 has one 10/100 FE WAN port. What is this wan port for if an ADSL POTS port is also installed on the device??
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...