Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




295 posts

Ultimate Geek
+1 received by user: 7


Topic # 89201 28-Aug-2011 07:50
Send private message

Hi all

Probably a common request, but need current advise on an ADLS2+ Modem/Router.

Currently have a TD-8840 which basically am pretty happy with but need to replace it with something which actually has a firewall and allows IP filtering.

The TD-8840, when in PPPoA modem basically doesnt do anything (had this confirmed by their Support):
"With regard to the IP filtering rules, all incoming traffic will only be blocked when the unit’s firewall has been enabled. However, enabling/disabling this setting is only available on the TD-8840 when it has been configured to use MAC Encapsulation Routing (MER) or IP over ATM (IPoA) connection mode in its ATM PVC Configuration page when configuring a connection under Advanced Setup -> WAN."

So servers / machines I have behind the firewall are not as protected as I would like.

Thus all traffic appears at the servers as from 10.0.0.1 (My IP Address for the TP-Link) ... so I cant filter at the servers either. My previous RTA1320 was good at filtering incoming IP Traffic, but just wouldnt hold a connection.

Can anyone recommend a good rock solid ADSL modem/router which does have a basic firewall? One which has a Broadcom chipset would be best ... since the TP-Link does hold the connection really well.

Create new topic
132 posts

Master Geek
+1 received by user: 2


  Reply # 513339 29-Aug-2011 10:37
Send private message

a $50 PC off trademe with PFsense installed is the best you can get at a consumer level.



295 posts

Ultimate Geek
+1 received by user: 7


  Reply # 513347 29-Aug-2011 10:56
Send private message

Yea, whilst Ive got a Virtualised Server running and could setup a Linux box , really want a Modem/Router/Firewall which does it so as to minimise my "power usage", as well as less UPS's required to get me through power cuts.

My previous RTA1320 and even the old M1122 all allowed me to set up IP Filtering ... but this TD8840 just doesn't.

 
 
 
 


8027 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 513355 29-Aug-2011 11:06
Send private message

You can connect your TP Link TD-8840 to another device via half bridge (ip extension).

Pfsense is a good option.

You could also look at flashing open source third party firmware on a separate router.

The three most popular are DD-WRT, TomatoUSB and Gargoyle Router (OpenWRT).

http://tomatousb.org/
http://tomatousb.org/doc:build-types

http://www.dd-wrt.com
http://www.dd-wrt.com/site/support/router-database

http://www.gargoyle-router.com/
http://www.gargoyle-router.com/wiki/doku.php?id=supported_routers_-_tested_routers



 

8027 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 513369 29-Aug-2011 11:32
Send private message

thekiwi: Yea, whilst Ive got a Virtualised Server running and could setup a Linux box , really want a Modem/Router/Firewall which does it so as to minimise my "power usage", as well as less UPS's required to get me through power cuts.

My previous RTA1320 and even the old M1122 all allowed me to set up IP Filtering ... but this TD8840 just doesn't.


Can you list a couple of examples of what your ip filtering rules were?  Were you blocking all access or just certain ports to the servers or what?

Standard NAT basically already stops all incoming traffic that was is not the result of an outbound initiation from the servers, except where you have setup port forwards.



295 posts

Ultimate Geek
+1 received by user: 7


  Reply # 513371 29-Aug-2011 11:34
Send private message

Ragnor:
thekiwi: Yea, whilst Ive got a Virtualised Server running and could setup a Linux box , really want a Modem/Router/Firewall which does it so as to minimise my "power usage", as well as less UPS's required to get me through power cuts.

My previous RTA1320 and even the old M1122 all allowed me to set up IP Filtering ... but this TD8840 just doesn't.


Can you list a couple of examples of what your ip filtering rules were?  Were you blocking all access or just certain ports or what? 


If I opened a port, say FTP, I could then even use IIS to deny all and allow specific address blocks. 

From memory they both also allowed filtering certain IP/ranges at the router itself. 

8027 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 513386 29-Aug-2011 12:00
Send private message

Yeah you're right the Dynalink 1320 has an ip address filtering section and the TP Link TD-8840 doesn't. Quite weird since they are similar hardware and probably based on the same OEM linux based firmware from broadcom.

I guess Dynalink did more work on extra software features and TP link did more work on hardware. The Dynalink has a reputation of running super hot due to the case design and no heatsink on the main chip, hence the becoming unstable over time thing.

If you to run one device only that does modem/router/firewall with business/geek focused features I would recommend the Draytek Vigor 120

http://www.gearbot.co.nz/store_products/search/Draytek%20120/

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.