I'm looking for a not too expensive router/firewall for the office but don't know of any that do what I need it to do.
Currently, I use a computer running OpenBSD with two network cards. This works perfect for me, but I'm trying to set it all up where if something happens to me such as a heart attack or stroke, someone else can easily keep it going while I recuperate.
So here's what I'm looking for and the reasons:
1) I'm not interested in a wireless router. If it is wireless, it doesn't bother me -- if I can't disable it or reduce the power to minimum, I'll just give it an unrememberable password and not tell it to anyone.
2) It must be a gigabit router.
3) It must handle both IPv4 and IPv6.
4) For IPv6, no NAT. Just apply firewall rules to permit or deny traffic. I completely fail to understand why anyone would want a router that does NAT on IPv6 -- don't they understand that NAT is designed to extend a limited address space? On the smallest IPv6 block, it is hard to imagine how anyone would run out of the 2^64 addresses.
5) For IPv4, it needs to use NAT. We don't have enough IPv4 addresses to connect everything.
6) It needs to be able to handle multiple IPv4 addresses on the WAN port. The reason is that we have hundreds of devices outside the firewall with addresses in a 10/8 subblock that need to be accessed from the LAN. Also, sometimes a device will be reset and have an address in the 192.168.1/24 block and we need to be able to reconfigure them from the LAN.
7) A plus, but not required, is that it could have WAN addresses on the LAN side with normal firewall rules to regulate that traffic.
I do all this quite easily with OpenBSD, but finding someone else to make even small changes while I'm unavailable would be rather expensive.
Any suggestions?
Currently, I use a computer running OpenBSD with two network cards. This works perfect for me, but I'm trying to set it all up where if something happens to me such as a heart attack or stroke, someone else can easily keep it going while I recuperate.
So here's what I'm looking for and the reasons:
1) I'm not interested in a wireless router. If it is wireless, it doesn't bother me -- if I can't disable it or reduce the power to minimum, I'll just give it an unrememberable password and not tell it to anyone.
2) It must be a gigabit router.
3) It must handle both IPv4 and IPv6.
4) For IPv6, no NAT. Just apply firewall rules to permit or deny traffic. I completely fail to understand why anyone would want a router that does NAT on IPv6 -- don't they understand that NAT is designed to extend a limited address space? On the smallest IPv6 block, it is hard to imagine how anyone would run out of the 2^64 addresses.
5) For IPv4, it needs to use NAT. We don't have enough IPv4 addresses to connect everything.
6) It needs to be able to handle multiple IPv4 addresses on the WAN port. The reason is that we have hundreds of devices outside the firewall with addresses in a 10/8 subblock that need to be accessed from the LAN. Also, sometimes a device will be reset and have an address in the 192.168.1/24 block and we need to be able to reconfigure them from the LAN.
7) A plus, but not required, is that it could have WAN addresses on the LAN side with normal firewall rules to regulate that traffic.
I do all this quite easily with OpenBSD, but finding someone else to make even small changes while I'm unavailable would be rather expensive.
Any suggestions?