Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Leopard Server as Gateway?

M

mmcxiiad

macrumors 6502
Original poster
Anyone have any experience in using leopard to do NAT, Firewall, routing, etc? I am curious about how comprehensive management it is in comparison to a dedicated router/firewall. I am not sure if leopard excels in this capacity or it is merely a feature that more trouble then it is worth. Any insight would be highly appreciated.
 
mmcxiiad said:
Anyone have any experience in using leopard to do NAT, Firewall, routing, etc? I am curious about how comprehensive management it is in comparison to a dedicated router/firewall. I am not sure if leopard excels in this capacity or it is merely a feature that more trouble then it is worth. Any insight would be highly appreciated.
Click to expand...

Just my $0.02 FWIW, regardless of OS or 10.x version

It's a convenience that's to be avoided if possible if you're going to use the server for other things. Think about the failure conditions introduced --
- If you need to take down the server you're also taking down the router/NAT device
- If someone finds a security flaw in the OS firewall they're on your server rather than only just on your LAN

You do gain, though,
- relatively easy setup
- Mac-friendly VPN (anyone know if Bonjour/mDNS broadcasts are forwarded in 10.5?)

But in the end it's just not a good topology to stick a multipurpose server there as a gateway. Maybe the biggest reason is just that if you have to work on the server it's also going to mean that your Internet is inaccessible to the office for that time.
 
I'm actually trying to do this right now and running into a few challenges.

I'm using a G4 Mini for it with a Linksys USB200M as my second ethernet device (en1) but have hit a few brick walls.

First is I couldn't get the server to get a valid IP address from my ISP. Then on the other side I couldn't figure out how to assign my server it's IP address, though I was able to figure out the DHCP table and assign my network IP addresses.

I've only got a 40GB internal drive (though I have a 1TB USB and a 320GB FW400 external) that Disk Inventory X shows as only half full but I keep getting a disk full error. I can't find anything in Finder either.

Any ideas or directions I can be pointed in please? Thanks for any help I get.
 
turtle2472 said:
I'm actually trying to do this right now and running into a few challenges.

I'm using a G4 Mini for it with a Linksys USB200M as my second ethernet device (en1) but have hit a few brick walls.

First is I couldn't get the server to get a valid IP address from my ISP. Then on the other side I couldn't figure out how to assign my server it's IP address, though I was able to figure out the DHCP table and assign my network IP addresses.

I've only got a 40GB internal drive (though I have a 1TB USB and a 320GB FW400 external) that Disk Inventory X shows as only half full but I keep getting a disk full error. I can't find anything in Finder either.

Any ideas or directions I can be pointed in please? Thanks for any help I get.
Click to expand...

You're trying Server 10.4, right? My recollection of trying 10.5 on a Mini G4 is that the installer simply reports that it won't install. That's a vague recollection, though.

If you're completely new to installing the Server, then you're also going to have trouble re-setting the IP address and getting the DNS working if you didn't provide the right WAN IP address during installation. You can use some command-line tools such as host, changeip, etc to fix it, but you'll be running into headaches.

My advice is to reinstall. It will take less time and now you're used to setting up some of the services. During configuration, deselect all the services that claim they'll be set up automatically since they won't and will cause troubles if you do. After the installer restarts the Mini, run all the OS updates. Then after setup, open Terminal, type 'host <ip address>' substituting your WAN address, see if it comes up with your hostname. Then type 'host <servername>' substituting the WAN name of your server. These 2 answers should reflect each other. If they don't match up, then you're going to have DNS problems and won't be able to use certain services such as the nice Open Directory service.

This is just a 1st pass at an answer. If you can provide more details on the parameters that'll help.
 
mmcxiiad said:
Anyone have any experience in using leopard to do NAT, Firewall, routing, etc? I am curious about how comprehensive management it is in comparison to a dedicated router/firewall. I am not sure if leopard excels in this capacity or it is merely a feature that more trouble then it is worth. Any insight would be highly appreciated.
Click to expand...

Linux would probably be a better solution for that if you ask me.
 
mmcxiiad said:
Anyone have any experience in using leopard to do NAT, Firewall, routing, etc? I am curious about how comprehensive management it is in comparison to a dedicated router/firewall. I am not sure if leopard excels in this capacity or it is merely a feature that more trouble then it is worth. Any insight would be highly appreciated.
Click to expand...

I would suggest doing this only if you need router functions that your lynksys/dlink routers can't handle. For a while I used a Linux system as a router because I needed to run a SIP Proxy (for VOIP connections) on the firewall device. I also needed to do some traffic shaping that the low-end routers cannot do. A full-up UNIX system is a very capable router but overkill if you don't need it I would NOT run other services on the machine if it is routing. Put your servers on another box and use NAT
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back