Ajira.eu

A week ago, I wrote about a new server that will be placed off-site. The server will be accessible via a transit line from our main location and via a site-to-site VPN connection over the Internet. For this internet part, it obviously needs a firewall.

The hosting company could provide firewalling, but the costs were a bit ridiculous: € 300,- for the initial setup, € 75,- per month for rent of the firewall (since it would get full support) and another € 75,- per month for the hosting (rack space) of the firewall. Both me and my boss agreed that's a bit ridiculous, since all the firewall has to do is block all inbound traffic minus 2 or 3 ports. Placing our own firewall would cost us just the € 75,- a month for the hosting and the initial purchase fee of the firewall, which we can get with a firm discount anyway, because we are a reseller.

The idea was to buy a simple, cheap but reliable 19" rack mountable firewall: the Cisco ASA 5505. With a bit of luck and coincidence, one of the sales guys sold a brand new firewall to a customer a few months earlier, and got their old firewall as a trade-in. We did a bit of sniffing through the warehouse, and found her... the MILF among firewalls: the Cisco Pix 515 Firewall.

Unfortunately, the rack mount brackets were missing, but those shouldn't be much of an issue to obtain. A quick look inside the unit revealed a cute little main board with a Pentium 200 MMX processor, two 16-bits PCI slots and two 168 pins SDRAM slots, one filled with a 32 Megabyte module.

My guess is that the PCI slots are there for additional network adapters, which is good news. The unit itself has 2 10/100 MBps Ethernet ports, but I might need a third one. Tomorrow I will look in the warehouse if I can find a 2nd memory module (preferably also 32 Megabytes.

The configuration is slightly different from the Cisco 1841 that we use in the office, but I'm sure I can get it working. There's plenty of information to be found on the internet, and a bit of logic also gets you quite far.