    Netgate Discussion Forum

    Torrents UpNp vs Port Forward

    NAT
    • H
      HiTekRedNek last edited by

      Hi,

      I'm setting up a Torrent Box and would like to know the pros and cons for my particular setup.

                                DSL Modem
                                    |
                                 PFSense
                                    |
                    +---------------+----------------+
                    |                                |
                   LAN                          Opt1 (LAN2)
                    |                                |
             File/FTP Server          Linksys wifi router (acting as switch)
      (Restricted Outbound Connectivity)       |                 |
                                          Torrent Box    3 other wired and wireless machines

      The only communication between LAN segments is SFTP.
      My Torrent Box will be running a uTorrent client, and this is the only machine that I want to have this access.
      What is the most secure way of implementing this? Should I use port forwarding or UPnP?

      Currently my torrents are working with only the default rule applied, forwarding all traffic from Opt1 to the WAN. I am looking for a more secure configuration where I can monitor the logs for suspicious activity. My future project is to implement Snort IDS as well.

      Any suggestions are greatly appreciated.

      • B
        Bai Shen last edited by

        I would put another NIC in the pfSense box and move the torrent box to a separate segment from your wireless traffic.

        • H
          HiTekRedNek last edited by

          I already have the extra port. I thought in advance before I built my mini-ITX pfSense box and purchased the Jetway 3-port daughterboard.

          Can you elaborate further on why you suggest segmenting from the Wi-Fi?

          Still not sure if I should use port forwarding or UPnP. Google searches on the topic are making my head spin.

          • B
            Bai Shen last edited by

            Firstly, if you put the torrent box on a DMZ NIC, then you don't have to worry about any issues with the Linksys wireless router.

            Secondly, I like to keep my wireless traffic separate from my wired. That way I can handle it differently if I want, and if someone manages to crack my encryption, they can't get to my wired machines.

            Thirdly, if the torrent box is on its own NIC, then you know exactly what it's doing, and don't have any extraneous traffic to deal with.
