How do I use a computer as a firewall/router/DHCP server?

[ArcticFox]

I have some questions about setting up a Windows or Linux computer to run as a firewall and maybe a server. I really don't know how to do this other than to run Windoze and plant ZoneAlarm or some other equivalent onto the rig, with two NICs (one coming from the modem, the other to a switch). Is this the basic way to do it?

Next question - a router needs multiple ports to accomodate multiple PC's. So....you would need a box with like a lot of network cards in order to use it as a router right? This is the same for using it as a DHCP server, eh?

And then - what Windows software do I need in order to set a comp up for this task? I would rather do it in Linux, so if there is a guide or someone could help me do this, that'd be great.

Edit - I may add that Linux may or may not be an option as I do not have the machine built yet. I know that it will be a Celeron (P4 type) with a cheapo case, some drives, 1GB RAM and the usual stuff. So Linux probably would work or it might not, but we will see.

[crouse]

http://www.smoothwall.org/

http://doggerdog.bravepages.com/freesco/

HTH's

[DVNT1]

Yes, that's one common way to do it

At least two network Interfaces are needed

Not normally (if the routers support DHCP relaying)

In addtition to Crouse's suggestion you could use IPCOP (http://www.ipcop.org)

[ArcticFox]

Shiznitty, thank you.

[blubomber]

First, i would like to say that you need to stay away from the Celeron. A Duron 1.6-1.8GHz or an Athlon XP1700+ would be cheaper and give you better performance.

As far as the windows side of it goes, you need windows 2000 server to run a windows computer as a router/firewall. Windows 2000 server comes with Routing and Remote Access Services that will need to be installed. This will allow you to setup the server as a router with 2 NICs. And you would also be able to setup a DHCP server as well. Then you could get ZoneAlarm or some other similar software to handle the Firewall side. If you have money to spend, then you can purchase microsofts ISA server 2000 (Internet Security and Acceleration Server). This will allow you to have good firewall protection and Alert you to possible network intrusion attemps. Plus contenet filtering, server publishing and all kinds of other stuff. But it is not cheap.

As far as Linux goes, i dont know. the links from crouse and DVNT1 look good. I am also recearching a linux firewall/router solution.

[ArcticFox]

The reason I chose a Celeron is that my freind has one (forgot what speed though, I think 2Ghz) that he bought but decided not to use, and he only had a 30-day warranty because it was an OEM chip. It isn't doing him any good, and NewEgg doesn't stock 1700+'s as AMD is no longer fabbing them. He would give me a good price on his old proc, and it would be perfectly fine for what I need. I don't need a speed-demon, mind you, that's what my other computer is for. The mobo I am looking into is cheap, although it doesn't support 800Mhz FSB P4's but I don't plan on really using one in the future anyways.

This box will be for toying around with Linux, but I'll dual-boot that and some version of Windows as I need to use it as a file server accessable over LAN. I have RedHat on my main comp (that isn't running as I'm waiting for the new mobo Asus is sending me) that I rarely used, but if I had it on a seperate box I'd use it more.

[Agent_Embryo]

A linux router does not need to be a high-performace computer. I use a Pentium 100MHz with 40Mb of RAM and two NICs.

http://www.clarkconnect.org/


very cool linux distribution designed for being a router/firewall.

even has snort built in for intrusion detection

you can also update it from the webpage set up

[ArcticFox]

TY GZ

I'm also a big n00b when it comes to Linux, so stuff that is easy to use would be nice.

clarkconnect and smoothwall are very simple to set up and both have web interfaces that you can log into to configure it like a router