Newbie: Transparent firewalling



  • Hello everyone,

    Sorry about newbie questions here, I do not have a lot of experience with firewalling and networks.

    I want to secure an old WinXP computer that is connected to the Internet via an ISP-provided router (DSL). The Computer runs TeamViewer (for remote access) and a proprietary software which controls proprietary hardware connected to the computer (which is the reason I can't change the OS or change the network topology :( ).
    I thought about putting a small pfSense appliance in between the router and the computer using bridged / transparent firewalling - the firewall should only allow TeamViewer and HTTP traffic.

    What are your thoughts about this setting? If I used a SG-1000 for this and put it into transparent mode, how would I access the management console? Do I need a third NIC?

    Thanks for your help, greatly appreciated!



  • 1. It is not unknown that TeamViewer accounts get hacked/bruted sometimes, if you use it on critical box - you should be prepared to be hacked sometime.
    2. If this proprietary software does not need public IP on interface (no external access) - you don't need to hassle with transparent filtering, just use default WAN/LAN configuration with outbound NAT for internet access. TeamViewer do NOT need to have external accessible address, because it maintains constant connection to TV servers and therefore can be accesses even over NAT.