Linux Server to replace ISP router and run all services

December 28, 2018 at 17:04:21
Specs: Ubuntu Server 18.04, Xeon 3.4GHz / 8GB DDR3
I would like to run a Linux server to replace my router, and this is what I have at the moment:

Device 1:

Huawei
EchoLife HG612
FTTC VDSL NTE (Ethernet modem only)
This is a BT Openreach branded version

To run the following:

WAN connection FTTC on BT Infinity 2 80Mbps Downstream 20Mbps Upstream (average speeds)

Device 2:

Linux server (currently running Ubuntu server 18.04)
Gigabyte P7F-M WS
Samsung Evo 860 SSD 250GB
DDR3 1333MHz 8GB

To run the following:

DNS
DHCP
SAMBA
VPN (OpenVPN preferred)
Print Server

Device 3:

Netgear R8000 ADSL modem router
AP mode only

To run the following:

Incoming WiFi connections on 2.4 GHz and 5 GHz

Device 4:

Sophos Firewall
Currently running on a Lenovo Desktop PC with an additional 4 port PCI-E NIC

I would like to replace my BT Hub 6 FTTC modem router as I am concerned it may have an ISP back door that can be exploited by hackers.

I do not run any Windows machines on my network.

I have these devices in my network:

1 Mac Mini latest revision released in November 2018 running Mojave 10.14

1 Linux Mint desktop running Version 19

2 Sony Android TVs

1 Ring Video Doorbell 2 and a Chime WiFi for extra doorbell noise

2 PS4 standard version consoles

Apple and Android branded phones and tablets that are used by me and my family

Sorry if that’s too much info, I just wanted to throw it all out there in case something is a red flag for not doing this project.

message edited by jmeader



#1
February 4, 2019 at 06:12:37
This depends on your ISP.
Some ISPs don't let you use your own hardware (modem) to connect to the internet.
In that case, the MAC address of the modem device is configured to get access to the internet.

But if not, that means you need to have an FTTC modem card in your Linux server, which leads you to the same situation as you have right now.

A modem hands over the public IP address you get from your ISP to e.g. a router or computer behind the modem, inside your private network.

A modem does not have any firewall or anything like that.

I use an FTTC modem/router.
I placed my Linux server right behind the modem/router.
The modem/router has a firewall inside and is the first barrier for attackers.
Via NAT, I set up port forwarding to my Linux server.
The Linux server (2 network cards inside) itself is also running a firewall (second barrier), and filters the internet traffic from the public to the private network.

This is more secure and it's running like a charm.
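
The layout described in reply #1 (a server with two network cards filtering between the router side and the private network), written as an nftables ruleset for the services listed in the question. This is an added example, not part of the original posts: the interface names, the LAN subnet, the `tun0` device, SSH administration and the choice of 1194/udp as the only port the modem/router forwards are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example. Assumed names: enp1s0 faces the modem/router, enp2s0 faces
# the private network, 192.168.10.0/24 is the LAN, tun0 is the OpenVPN device.
# Routing also needs net.ipv4.ip_forward=1 (sysctl).
flush ruleset

define WAN_IF  = "enp1s0"
define LAN_IF  = "enp2s0"
define VPN_IF  = "tun0"
define LAN_NET = 192.168.10.0/24

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        ct state established,related accept
        ct state invalid drop
        meta l4proto { icmp, ipv6-icmp } accept   # ping, errors, IPv6 ND

        # Router side: only OpenVPN (default 1194/udp), which is assumed to be
        # the single port the modem/router forwards to this host.
        iifname $WAN_IF udp dport 1194 accept

        # LAN side: DNS, DHCP, Samba, printing (CUPS/IPP), SSH for admin.
        iifname $LAN_IF udp dport { 53, 67 } accept
        iifname $LAN_IF ip saddr $LAN_NET tcp dport { 22, 53, 139, 445, 631 } accept

        # Everything else from the router side is logged (rate-limited) and
        # then dropped by the chain policy.
        iifname $WAN_IF limit rate 5/minute log prefix "wan-in-drop: "
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop
        iifname $LAN_IF oifname $WAN_IF accept    # LAN clients out to the internet
        iifname $VPN_IF oifname $LAN_IF accept    # VPN clients into the LAN
        # No rule admits new connections from WAN_IF into the LAN.
    }
}

table ip nat {
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        # Assumed: hide the LAN behind this host's router-side address
        # (the modem/router then needs no route to LAN_NET).
        oifname $WAN_IF ip saddr $LAN_NET masquerade
    }
}
```

The file can be syntax-checked without loading it by running `nft -c -f` on it.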

