Home Network - Firewall & Wireless AP

QCHQCH Ancient Guru Chicago Area - USA Icrontian
edited May 2008 in Science & Tech
OK... as many of you know, my wireless router seems to lock up a lot. Sometimes 3 or 4 times in an hour. So I am going to ditch my wireless router in favor of a real hardware firewall and Wireless Access Point.

So... My logic is that I cannot lose my phone, so it needs to be left outside the firewall. From what I've read, the Vonage device is not a security issue. I want a dedicated firewall, but with low power and no worries about hard drives, memory, or any other hardware issue that a PC-based firewall has. Also... I want my Windows Server to handle DHCP and any other network issues. Here is my idea...

[Attached image]

Here are the three Access Points I have narrowed down to.

Here is the Firewall I think I want.


Sound like a good idea? Any problems with that equipment?


Comments

  • QCHQCH Ancient Guru Chicago Area - USA Icrontian
    edited April 2008
    bump...?
  • kryystkryyst Ontario, Canada
    edited April 2008
    I don't see how that will work. You need a router connected to the modem.

    That router acts as the gateway for your Vonage and your Hardware Firewall. Then have the rest of your network connected to the hardware firewall, which will do its own routing for that network and can either do DHCP or you can have your Windows server do DHCP, but it really doesn't matter.
  • CycloniteCyclonite Tampa, Florida Icrontian
    edited April 2008
    kryyst is right. You need a router, otherwise you're never going to talk properly to the outside world.

    Aside from that, I have that Netgear WAP, and I've never had to reboot it. It's fast and easy to set up.
  • the_technocratthe_technocrat IC-MotY1 Indy Icrontian
    edited April 2008
    Here's how I have my network set up:

    Cable coax from comcast
    EtherFast Cable/DSL VPN Router with 4-Port 10/100 Switch (although mine is older and only has one port, so I have a 4-port switch plugged into it.)
    Wireless-G Access Point (basement)
    TiVo
    Wii
    Wireless-G Access Point (in kitchen, acting only as repeater for basement WAP. Supplies good signal to upstairs and outside)

    This setup is all I need to connect my desktop with a wireless card (sharing print and USB external HD), wife's laptop, upstairs wireless TiVo and 2 mobile handsets and a palm pilot that get used. I've had the tivo updating, wife with her laptop online and IMing on her mobile while playing TF2, ping never went above 15 or so. With a clear local network, it's usually around a ping of 5. I don't use VoIP any more, but should be able to handle it if I did.

    You would just connect the 24-port switch to the cable modem/switch, same as my Wii.
  • LeonardoLeonardo Wake up and smell the glaciers Eagle River, Alaska Icrontian
    edited April 2008
    What is the advantage of using an access point versus a wireless router in a small office/home office network?
  • BudBud Chesterfield, Va
    edited April 2008
    No offense dude, don't go that route. That firewall is not a true firewall and won't give you any better protection. The APs you are looking at are not going to make a big difference either. It's more money, but look at the gaming routers made by D-Link. There is a G version and an N version as well (go N if you can afford it).

    Get something like that to replace your router now and change out your wireless cards. You will have a lot fewer headaches and a good system. Also, with those routers you can do QoS to set which computers get priority for bandwidth. So VoIP would be first, then so on.
    Leonardo wrote:
    What is the advantage of using an access point versus a wireless router in a small office/home office network?

    Most businesses already have routers that are more business end (i.e. Cisco), so they just plug in an AP to use their existing equipment. In a small business an AP is not really a good idea. If you are planning on wireless, you might as well go to something like a SonicWall that will be a beefier version of the D-Link with a few more features like spam protection or anti-virus scanning in the firewall as well.
  • CycloniteCyclonite Tampa, Florida Icrontian
    edited April 2008
    Leonardo wrote:
    What is the advantage of using an access point versus a wireless router in a small office/home office network?

    I use IPCop and the Netgear WAP. This was after I tried a few wireless routers. They always locked up on me, especially with BitTorrent traffic, and I got tired of having to reboot the thing all the time. I switched to IPCop last weekend, and before that I had Smoothwall installed. It ran for 230 days without a reboot. That would have been higher had the cheap PC I used for it not blown a few capacitors.
  • QCHQCH Ancient Guru Chicago Area - USA Icrontian
    edited April 2008
    Here's the details... I want a segmented network. If one item fails I want to be able to replace it without replacing the entire device. I've had 2 wireless routers (D-Link and Linksys) that have different attributes and both have died on me. Takes down the entire network until I can replace the router.

    The Access point over router is that most of the routers want to do too many things and none of them well. I want my Windows Server to handle DHCP addresses, not the router. For a firewall, I want to be able to set up port forwarding with more granularity than what a wireless router can handle. I want to be able to establish a VPN INTO my home and be able to use my home network as a proxy server so I can do some activities through my home network and not work.

    I used to use Astaro as a Linux firewall but it was another PC just sitting running and it was a full-fledged firewall with WAY too many settings. The PC I was using died twice because it was old. The firewall didn't require a robust PC so it was pointless to have a new PC as the firewall.
  • BudBud Chesterfield, Va
    edited April 2008
    Segmented networks create issues too, as a heads up. I think you should set up a Linux distro firewall and then use a switch. The firewall will do NAT and you can use the Windows server for DHCP.

    My personal choice would be gamer router to a switch. You can disable DHCP on the router and use DHCP on your server. How many port forwarding rules do you have? I had about 10-12 rules with torrents and VoIP running with my G gaming router with no issues.

    It's up to you man, since it's your network though.
  • airbornflghtairbornflght Houston, TX Icrontian
    edited May 2008
    Well, depending on how many IP addresses your ISP gives you, NAT could be unnecessary, but I doubt they give you more than one.

    Seriously though, I would look at running Smoothwall or one of the other 50000 router distros out there on a small embedded system. Like a Via C7, they work great, are small, and can be had with 2 LAN ports. Best part is that they are all solid state, booting from a CF card.

    So I would go modem to router, router to switch. And if you really want a segmented network I would get an old system to run a router distro on and get a few more cards in it and make different zones, or else a switch that supports VLANs. Other than that I don't see the point.

    Anyway, modem --> router --> switch, which would branch off into the server, APs, clients, and Vonage. And you could set that server up to handle RADIUS duties and make your wireless network a whole lot more secure. WPA2-PSK is a whole lot easier to crack than one with RADIUS authentication.