We currently have specialised linux fw boxes, but looking into if we can replace them with astaro boxes. That seems to be possible, but with one thing that worries me;
Currrently we have a setup that allows access to 1 of our webservers based on client IP's. This is not a sustainable method with upcoming IPv6, but for now we are stuck with it, probably for the next 2 years.
we have a astaro virtual appliance installed to test some stuff and ive looked at the forum posts to see if there is a way to do white listing to internal webservers and found 2 possible approaches;
1. NAT rule based on a "clients" group to the webserver.
2. Packet Filter based on a "clients" group
I was wondering if this would still work if that group would contain 2000 Client IP's..
This thread was automatically locked due to age.
