[Info-vax] setting up an alpha in a home network using a linksys router

[Neil Rieck]

On Aug 1, 2:56 pm, VAXman-  @SendSpamHere.ORG wrote:
> In article <7e1d67a3-b3e5-4dad-905a-7a14333e7... at c2g2000yqi.googlegroups.com>, Neil Rieck <n.ri... at sympatico.ca> writes:
>
>
>
>
>
> >[...snip...]
>
> >> The LinkSys BEFSR41 (IIRC, I think I've played with one of these) is a
> >> small 4-port router with an extremely limited web based configuration
> >> menu system. =A0It does NAT and you can block some ports in and or out.
> >> It's a far cry from a PIX.
>
> >Like all popular hardware, the BEFSR41 was released every year with
> >better hardware and better firmware. I remember at least 5 versions of
> >Model-1 and they currently have four different models with this
> >product name. Higher models numbers introduced more hardware which
> >always translated into more features. (making it difficult to
> >criticize a BEFSR41 without knowing the model number).
>
> >You are correct that these little appliances are similar to gas-power
> >lawn mowers whist the PIX FIREWALL is more like an automobile engine.
> >But I have stopped arguing with management about this stuff: their
> >M.O. is to always go the el-cheapo route then upgrade only when
> >problems arise. One thing about these LinkSys boxes is that they can
> >only do TCP/IP whist other CISCO products (like the PIX) support other
> >networking protocols.
>
> >> >CISCO must have lost a lot of business to LinkSys which is probably
> >> >one reason why CISCO bought them. As far as I'm concerned, the
> >> >miniaturization of routers is no different than the miniaturization of
> >> >modems. Both used to be big and expensive but now they are small and
> >> >cheap. Sure you can't use a LinkSys as a corporate firewall (would you
> >> >use a motor cycle engine to run a car?) but they are good enough for
> >> >many applications.
>
> >> Cisco 850/870 series routers are in the low price range and, for what
> >> one can do with one, I'd say the better deal than going with Linksys.
> >> IOS configuration editing is *STILL* primitive but you can get better
> >> control with it than you ever will with a LinkSys.
>
> >> I'm not a fan of the PIX, BTW. =A0If you really want to do some firewal-
> >> ling, look for a used Juniper NetScreen. =A0A 5-GT model should suffice
> >> if you're able to work a BEFSR41 into your work network. =A0These boxes
> >> are now available used and refurbished in the low US$100-$300 range.
>
> >For home use I've been running a LinkSys WRT300 for the past couple of
> >years. This little beast sports 4-direct connect ports along with
> >wireless connections on 802.11-B, G, and N. It seems that every home
> >entertainment product now comes with wireless or 10-base-T or both.
>
> I'm still trying to get an answer to the question, can they NAT
> aa.bb.cc.dd/24 to say 192.168.1.0/24?  Or, aa.bb.cc.dd/28 or/29
> for that matter?
>
> --
> VAXman- A Bored Certified VMS Kernel Mode Hacker    VAXman(at)TMESIS(dot)ORG
>
>  http://www.quirkfactory.com/popart/asskey/eqn2.png
>
>   "Well my son, life is like a beanstalk, isn't it?"

You can NAT any address and do port translation as well. The private
side of the box defaults to 192.168.1.x (for cables) and 192.168.2.x
(for wireless) but you can change these to whatever you want. The
public side can also be whatever you want so my system at work is
static while my system at home is dynamic. Newer appliances can
control port translation and port blocking in both directions (inbound
is totally shut down by default).  Another cool option allows you to
"steer any new inbound connections on port 80 to address whatever".
This allows one machine on the intranet to serve up web pages. Of
course, the router should have a static address (so the public can
find it) or be registered with www.dyndns.com

It has been a while since I played with a BEFSR81 (8-port version w/o
wireless) but I remember an option where one physical port on the
private side could be set up to be virtually wide open to the public
side. I "think" the option was labelled "DMZ".

NSR