Transparent (bridge) firewall

For political reasons I'm stuck needing a firewall appliance I can put between our router and our network. But I need to not have to change the NAT address of the router (, nor the gateway of the client PC's.

Any recommendations for a firewall appliance that will operate at the hardware layer, or something along those lines? I guess I'm looking for pure packet inspection without VPN, DHCP, etc.

Suggestions? Ideas?

Reply to
R Gardner
Loading thread data ...

A machine with two or more ethernet ports running OpenBSD, for the cost of a PC. OpenBSD is highly regarded for security and stability. The integrated PF packet filter is very configurable. The documentation is decent, and there is a book by Jacek Artymiak specifically addressing the subject of firewalls on OpenBSD.

If you go with the bridge configuration, you will have to either use a third interface to administer the firewall or do everything from the console.

Reply to
George Pontis

FireBox 1000 will do it, but they're are not cheap. You can run it in drop-in mode, set the subnet on each side and you're good to go.

Reply to

Sonicwalls can be bridged. They do have all thge other features (dhcp, vpn, etc) but you can simply not use them.

Reply to
T. Sean Weintz

Netscreen 5GTs do it, 10 IP box lists @ US$570, unlimited IP lists @ US$900.

Reply to
Mark S

On 15 Nov 2004 19:11:20 -0800, R Gardner blurted:

Find an old Lucent Brick - they work at layer 2

Spamming this account signifies your unqualified consent to a free security audit

Reply to
spammersarevermin Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.