How many firewalls

RudyJCat · 09-20-2011, 05:37 PM

Hi just started with Untangle and I have a newbie question.

Do I need a firewall in each rack I create if they have no parent rack?

Thanks,

Rudy

drsminkus · 09-20-2011, 05:48 PM

You don't need a firewall module in each rack. You only need to add the firewall to the rack if you want firewall protection for traffic assigned to that rack.

sky-knight · 09-20-2011, 05:52 PM

If you don't install a firewall module and the rack in question is a child of a rack that has a firewall module, traffic going through the child rack will be subject to the parent rack's firewall.

RudyJCat · 09-20-2011, 05:54 PM

Great, thanks for the fast reply...I was just learning about creating racks and was worried that I was leaving some PC's exposed.

Thanks again,

Rudy

pazza3564 · 09-20-2011, 07:32 PM

Don't forget that with NAT, the internal devices are protected from incoming, except the ports you port forward.

sky-knight · 09-20-2011, 07:39 PM

Quote:

Originally Posted by pazza3564

Don't forget that with NAT, the internal devices are protected from incoming, except the ports you port forward.

Something that is going to come to a sudden crashing end when we all move over to IPv6.

I'm looking forward to that reality with an odd mixture of glee and terror.

pazza3564 · 09-20-2011, 07:41 PM

I think some networks will just keep nat, and have their external interface on v6, and internal on v4, and have a translation....

sky-knight · 09-20-2011, 07:47 PM

One of the major reasons to switch to ipv6 is to get rid of NAT, and all of the problems it causes.

09-20-2011, 05:37 PM	#1 (permalink)
RudyJCat Newbie Join Date: Sep 2011 Posts: 6	How many firewalls Hi just started with Untangle and I have a newbie question. Do I need a firewall in each rack I create if they have no parent rack? Thanks, Rudy

09-20-2011, 05:52 PM	#3 (permalink)
sky-knight Join Date: Apr 2008 Location: Phoenix, AZ URLs submitted: 8 Posts: 15,454	If you don't install a firewall module and the rack in question is a child of a rack that has a firewall module, traffic going through the child rack will be subject to the parent rack's firewall. __________________ Rob Sandling, BS:SWE, MCP Intouch Technology Phone: 480-272-9889 rob@intouchtechllc.com UntangleAppliances.com Phone: 866-794-8879

09-20-2011, 07:47 PM	#8 (permalink)
sky-knight Join Date: Apr 2008 Location: Phoenix, AZ URLs submitted: 8 Posts: 15,454	One of the major reasons to switch to ipv6 is to get rid of NAT, and all of the problems it causes. __________________ Rob Sandling, BS:SWE, MCP Intouch Technology Phone: 480-272-9889 rob@intouchtechllc.com UntangleAppliances.com Phone: 866-794-8879

Protect

Filter

Perform

Connect

Manage

Add-Ons

09-20-2011, 05:48 PM	#2 (permalink)
drsminkus Master Untangler Join Date: Aug 2011 Location: Buckhannon, WV Posts: 121	You don't need a firewall module in each rack. You only need to add the firewall to the rack if you want firewall protection for traffic assigned to that rack.

09-20-2011, 05:54 PM	#4 (permalink)
RudyJCat Newbie Join Date: Sep 2011 Posts: 6	Great, thanks for the fast reply...I was just learning about creating racks and was worried that I was leaving some PC's exposed. Thanks again, Rudy

09-20-2011, 07:32 PM	#5 (permalink)
pazza3564 Master Untangler Join Date: Dec 2010 Location: Echuca, Victoria, Australia Posts: 256	Don't forget that with NAT, the internal devices are protected from incoming, except the ports you port forward.

09-20-2011, 07:41 PM	#7 (permalink)
pazza3564 Master Untangler Join Date: Dec 2010 Location: Echuca, Victoria, Australia Posts: 256	I think some networks will just keep nat, and have their external interface on v6, and internal on v4, and have a translation....