I'm setting up a network in my new house and to avoid putting wires everywhere I want to set up a half wireless half ethernet network. Is it possible to use a wireless router to share the broadband connection, then hook up the switch to the router for more ports (only a few computers will need the 100mbit bandwidth)? Last thing: would turning an old comp into a firewall (openbsd) be worth it as opposed to buying one of the set top kind?
You betcha, you can 'daisy chain' another hub/switch to your wireless router with no trouble and still use it to connect to your broadband with no troubles at all. Now as far as using a separate Linux box for a firewall (assuming wireless router as well) If you are not very familiar with Linux I think you will find the above solution a lot easier to set up and deal with, pretty much plug it in and go, and generally the newer WAP/Router/Firewall all in one boxes are pretty flexible. Lynksys has my vote for thier BEFW11S4 model. She can do what you are looking for and a bit more and stays very stable. I've been beating the tar outta mine for about a month now and haven't been able to break it yet.
Thanks man. I should've checked that out first. After a little searching I found what I was looking for. About the firewall though, if I was to go the openbsd route, would I have to stick two NICs in the box then sit that just after my cable connection and before the first router. Wouldn't that make two routers?
Yes two nics would be required to actually "route" through the box (although it is possible to run multiple subnets on a single nic/wire, and actually route between them i think that is way above and beyond what you are looking for here and not very practical). And in essance that would make two routers (twice the number of things to go awry in a very small network). But on the other hand it could provide double the security for your LAN as well depending on configurations. But note that having to boxes doing NAT behind one another is generally not considered a good thing to do... unless you enjoy packet mangling, it will generally function just not always as well as you'd like. Most chat applications (ie.. ICQ, MSN, IM...) and a lot of gaming apps do not function well in this senario.
Alright, so basically I either go for a more secure but harder approach, or an easier one which would be getting a router/firewall all in one or building a bsd box using iptables to route and protect the network. In the long run, what is a better option, knowing that flexibility is a priority as well as ease of management? (Thanks for the tip on using chat programs and all that though, that's probably what most of the users will be doing)
Frankly, if you are comfortable with the Linux/BSD approach...that is definately the way I would steer you. I think the raw flexability will more than pay for any learning that'll have to be done in the long run. Not to mention with tools like PortSentry and many others the box can identify would-be attackers and defend herself as well (something an all-in-one jobber could never do).
Yes, more security, but much more headache...and probably more network instability. Put it this way. I have been running a network behind a linksys broadband router with three different providers over the last three years and I have never had an attack that was not easily ignored/dispatched by the router. NO network is perfectly safe. ALL are hackable. NAT is more than enough to avoid most attacks. The experts out there (the true l33t haxors) aren't going to be interested in your little network, and if they were, they WILL get in. The small hax's are dissuaded by simple NAT, as they prefer the open networks. I have no ports forwarded at all on my router and all my chat programs can communicate just fine: MSN, ICQ, AIM, etc. The only time I have had to forward a port was to host a game and to allow file sharing on MSN. I guess what I'm saying is to not be afraid of the net so much that you cause yourself more pain than is necessary. EDIT: Just read your last post, didn't see the last option (BSD). If you are comfortable with learning that shtuff, then go for it. As for ease of use, I would go with a broadband router. Web interface, quick and easy...I haven't had to mess with my settings hardly at all within the last three years and everybody is happy inside the network. Cheaper than the BSD route as well. As far as security, you would have to worry more about the wireless portion than any other. Too easy to make a receiver out of a pringles can...
Thanks for all the suggestions. I think I might go the openBSD route seeing as it will definitely give me some admin experience and a better look at configuring a network, rather than just filling in forms on a web based router.
