So, I'm basically in charge of about 35 computers in our lab (in the sense that it's a "real lab" where we do science and simulations). We've been using a Juniper Netscreen XT, but I really think we've outgrown it to a large extent - we bounce against the "10 active computers" limit quite often these days, and I really don't want to spend $800 upgrading it to the "elite" firmware. I was hoping someone might be able to recommend a router based on the following needs:
1. Must be able to handle mapping incoming ports to different computers - i.e., 22 might go to 192.168.1.X, but 23 might go to 192.168.1.Y. Bonus points for being able to alter maps based on the client's hostname (e.g., extmachine.com goes to computer X when it comes in on port 22, but extmachine2.com goes to computer Y).
2. No limits on incoming/outgoing connections, beyond hardware constraints. We got burned by the Netscreen's 10 machine limit, and I'm still upset about it.
3. Not required, but nice to have: static DHCP.
4. Easy web management is a must - we can't rely on me always being here to teach other people how to use the system in depth.
5. A nice bonus would be user and group objects for use with rules (the one thing I loved about the Netscreen), but it's not a must-have.
6. I don't care at all about VPN or wireless access.
7. Gigabit LAN ports would be good, but not required. The external interface needs to be 10/100 or better, though.
8. Preferred price range is less than $700, the smaller the better.
9. Should be able to redirect internal->external->internal queries properly (e.g., an internal machine queries a hostname which resolves to the external IP of the router. The internal machine tries to access that IP address. The router should forward this HTTP request properly to the web server instead of going to the router configuration page). I don't know why most routers I've used seem to be incapable of doing this.
Thanks for the help! I'm simply not up to speed on current networking hardware, since system administration is not my primary responsibility around here.
-Erwos