Firewall – I’ve been asked to replace the firewall with DD-WRT. Is this feasible?

firewall, router, shorewall

Currently we have shorewall running as our firewall, but we're switching over our network to something lighter. We were thinking of using a Linksys E2000 and installing DD-WRT. We have a cable internet connection with three assigned IPs. As part of our internal network, we've got three servers that go into a DMZ. Currently all machines on the 10.1.3.X subnet are in the DMZ. All machines on the 10.1.4.X subnet are the local infrastructure like domain controllers, internal development, database servers.

Various ports are opened on machines across the network to the outside world. A web server here, a mail server there.

Is this too much for WRT to handle? Any pointers on how to do it? Is the selection of routers appropriate?

EDIT: I should add that it would be best if one of the ports was the DMZ. Is that possible?

Best Answer

DD-WRT is nice for routing, but if you're replacing a firewall, I would lean towards pfSense or Endian as a firewall solution instead of a router with firewall capabilities.