Topic: Suggestion about combining Smootwall and SME server.

[arne]

What about combining Smoothwall and SME server into one commen "box" this way:

1. The SME server is used as the host operating system, and the SME Vmware contrib server environment is installed.

2. Then there is made a virtual installation of Smothwall (or some other dedicated firewall).

3. The external nic of the virtual Smothwall gateway is bridget over to host system eth1 that has no ip.

4. The SME host system is running as server-only and is connected to eth0. The green card of smoothwall is also bridged over to host system eth0.

I guess that such an installation would be able to basically collect all the functions and properties of Smoothwall and the SME server in one common "box" or "common installation".

Also I would believe that this arrangement could solve the problem of the wireless zone and a DMZ as this will be functions that will be available from the Smothwall configuration panel so it will be possible to use from 2 and up to 4 networks adapters.

The reason that I think this will work is because I have a allmost simular arrangement running.

The existing arrangement is with a Centos 5.1 in the bottom as the host system and then Smoothwall and SME 7.3 as virtual guests.

The idea is just to reduce the minimum number of operating systems from 3 to 2 in such a way that the SME server is used as host system and server, while the virtual Smothwall will continue to do its job like before.

The benefits that should be obtained from this would propably be a lot more simplified installation using "prebuildt parts" (The SME server, the Vmware contrib and the Smoothwall firewall.) pluss also less requirements to the hardware. (I guess that such a "double operating system" will work well on 1 GB/Ram and possible also will do it on as little as 512 Mb Ram.)

The reason for the question is to ask if this idea is considered to be something usable or something of interrest.

For my own personal use I think I already have more firewalls running than I can ever can use, (and as far as I know all of them are working.)

The idea was actually to try to downgrade an existing working solution to make something that is more easy to install, and that also has less requiremets to the hardware.

By the way I also use Astlinux as a virtual ip telephony server, and of course this could be implemented as well, in a quite easy way.  (Download, copy, paste.)

[arne]

Possibly there is a problem that the Smothwall has a commersial variant ?

There is also a number of other firewall distros that could have done the job as "the virtual firewall", like Ipcop, Monowall, Coyote, Floppyfw, etc. Another option would be to use only a basic Centos installation as the virtual firewall.

What could be obteined by such alternatives is a soulution to a number of those firewall questions that have been posted during the years - the dmz zone, the wireless zone, multiple external ip's, 1:1 mapping, PPTP passtrough, etc, etc ..

For my own personal use I think the soultion I am using just now is just the perfect one (Centos 64 host system + virtual Smoothwall + vitual SME 7.3 + virtual AstLinux + some other virtual things).

Using virtual firewalling there is actually allmost no limitations at all.

If anyone is interesed in some kind or variants of such an installation they should/could leave a post below.

By the way "the virtual firewall" running under SME as the host system will have much the same caracter  as any other contrib. You first apply the vmware contrib, and then you apply the virtual firewall contrib ..