Hi Wilder People!

This is me first post so, please, be gentle! :)

I wonder if any of you can assist me in this configuration i'm considering. I have 2 PCs that I would like to connect to the internet and i'm debating this setup

PC1 XPSP1a --+
|

Linksys BEFSX41 --> D-Link DSL-300T --> INTERNET

|
PC2 XPSP1a --+

Will I get any problems with this setup? Do I need (or advised) to run a Firewall on the PCs to control outbound application traffic, if so which one?

Many thx for your concern!

TL

Hey TL,

For the moment I'm going to treat this as a Security type question and have the discussion\comments in this Forum.

While I do not have knowledge of the Linksys BEFSX41 router....it is very much a recommended item for many as an extra layer of protection.

As for outbound protection via a software Firewall....there again....it is another recommended layer. Hopefully others will offer their comments concerning Firewall preference.

Arrrrrrrr okay, sorry posting in the wrong area!

TL

-{ Quote: "Hi Wilder People!Will I get any problems with this setup? Do I need (or advised) to run a Firewall on the PCs to control outbound application traffic, if so which one?

Many thx for your concern!

TL" }-

1. Looks great to me!

2. IMO, I would. Software firewalls are a matter of preference. I use Zone Alarm because I enjoy it's ease of use, but there are other alternatives that you may prefer. ;)

At any rate, good job! (and cool diagram!)

Software firewalls should be considered as essential given the amount of "phone-home" malware there is. Also check for firmware updates for the Linksys and D-Link - Linksys have had security issues in the past (see the Outpost forum thread Security Alert: Linksys BOOTP Memory Leak (http://www.outpostfirewall.com/forum/showthread.php?t=10565) for info and links).

As for the choice of firewall, that is a topic that has been raised plenty of times in the Firewall forum. ZoneAlarm is simple and therefore good for beginners but can be a pig to uninstall if you want to try something else. Kerio and Outpost offer more flexibility and control (but require more expertise also) while Tiny is for the belt-and-bracers crowd who want full Windows process control also - but with an intimidating interface and a learning curve that's more like the Great Wall of China for many people. :)

However, you are presumably going to be running some sort of application between those PCs are you not? (like a VPN). In which case, more details on it would be handy since some firewalls may work better than others with it - and you can expect to have to do extra configuration on the routers' firewalls also.

Hi TOn3LaB,

It seems that the DSL modem you chose ALSO has a built in firewall which may cause some problems. From a cursory search, I found this review by an end user:

-{ Quote: "All in all the DSL-300T does exactly what you expect it to. Configuration of the modem and connecting to the internet is straight forward and can easily be completed in minutes.

The only problem with the unit, is that its too clever for its own good, and includes an inbuilt firewall, which with the initial software release is all but impossible to turn off, or for that matter configure such as port forward, or enabling the DMZ.

The advanced configuration for the modem such as the firewall, only seems to be available by editing the configuration xml file which can be exported, and imported within the web administration interface. But dont expect any documentation on the CD or manual for the settings or switches that can be performed within the XML file.

With this in mind, if you are planning on connecting this modem up to a router with yet another firewall, you may find that you end up in a whole heap of problems identifying which firewall is blocking what.

Ive know various people who had used the DSL-300G+ modem and have had little or no problems with it, Im not sure whether I would call this product a worthy successor to the original.

That being said, its still on its initial software release, and D-Link may well solve the problems with a future firmware update." }-

You may want to reconsider your modem choice. It is a neat idea to have a firewall inside the modem (closer to the internet perimeter). I think you are looking for trouble with these two hardware firewalls interacting. This modem would be good if you just had a router (with no firewall). My opinion, but I think modem manufacturers should stick to making modems.
As everybody else already said, a software firewall is definately a good idea.

Hello,

Thankyou for the replies so far!

paranoid2000: All I want is Trasfer files to and from the machines, print documents and internet access not sure whether thats what you ment!

Devinco: Do you think the D-Link DSL-302G (http://www.dlink.com/products/?pid=67) would be prefered?

The only firewall I have really used is Sygate and a little on Outpost!

Many thx!

TL

-{ Quote: "paranoid2000: All I want is Trasfer files to and from the machines, print documents and internet access not sure whether thats what you ment!" }-If your 2 PCs are either side of an Internet connection then you will not be able to use NetBIOS (the normal method Windows uses to share files and printers) to cross this, you will need to consider a VPN (Virtual Private Network) connection through which you can then run NetBIOS or any other protocol. VPNs are also encrypted so will provide increased security.

There are several different methods of implementing a VPN, some of which are built into Windows (the Point-to-Point Tunneling Protocol for instance). You will, of course, need to configure your firewalls specifically for each type and some VPN software can cause problems with firewalls (e.g. Cisco's VPN includes ZoneAlarm components which can conflict with other firewalls - see the Outpost forum thread Outpost And Cisco Vpn Solution (http://outpostfirewall.com/forum/showthread.php?t=9917) for a workaround).

-{ Quote: "Devinco: Do you think the D-Link DSL-302G would be prefered?" }-
Based on the limited info I looked at and the fact that it does not have a built in firewall, I think it would be a better choice. Here is a epinions customer review (http://www.epinions.com/pr-D-Link_DSL_302G_DSL-302G_Modem/display_~reviews). Note, take "customer reviews" with a grain of salt, as some manufacturers/resellers "plant" positive reviews while some competitors "plant" negative reviews. You can usually tell the fake reviews by the content. This one looks okay.

Some opinions on a couple of things:

Most all networking gear runs warm to very warm. If it is very hot, like burn you fingers, then it could be a problem. Just don't insulate the gear or power brick and it should be fine.
Given a choice, I would always chose ethernet over USB. Even though XP's USB is a lot more stable, it will never be as stable or fast as Ethernet. With USB, your network will have to compete with all the mice, keyboards, printers, webcams, etc. If you connect via USB, it will also bypass the hardware firewall in the Linksys router. This modem can use either one so that is good.
Contact your ISP and speak with someone in tech support and ask a lot of questions. Will they even let you use your own modem? What are the requirements/specifications for the modem to work properly with the ISP?
Do they recommend specific models? Dynamic IP or Static IP? What are the DNS Server IP addresses? The answers will help you pick the right modem that will work with your ISP.
From your post, you only need to connect 2 computers to the internet. These will work just fine for that.
You are likely to keep your broadband modem for a long time (like a computer monitor), so do a lot of research first!

Here are some links for good networking hardware info:
Broadband Reports Forum (http://www.broadbandreports.com/forums/18)
DSL Reports Forum (http://www.dslreports.com/forums/all)
DLink Forum (http://www.dslreports.com/forum/dlink)
Practically Networked (http://www.practicallynetworked.com/)

Oki,

Forgive me if I ask silly questions or I don't quite follow things, I am very confident on standalone Audio/Media based PCs and Macs, networking is not a strong point of mine.

Paranoid2000 I thought with VPN that I would only need to consider this if I were to connect to my works LAN and have the ability to access documents, perhaps I should explain my setup a little better.

PC1 XPSP1a <- My work machine

PC2 XPSP1a (Printer, Scanner, External Storage) <- The wifes!

I just want the ability to print and allow both PCs net access, is vpn nessasary?

Devinco I have a well ventilated area for the network gear in my cupboard which stays very cool, infact its the same area where all the beer is kept. I will do alot more research before I make my purchases and will post any findings or issues that concern me.

Also something else that surprised me is that I have find the hardware to be very cheap, I had always assumed it was expensive gear!

Many thx so far!

TL

Cool and dry with decent airflow is good. Humidity and wetness (like inside a refridgerator) is bad.
Every year it gets cheaper and more powerful. It gets pricey quickly when you need enterprise class gear.