Currently Being ModeratedNov 17, 2011 8:59 PM (in response to rshibley)
Several things to consider here.... The Lion firewall is really easy to configure, so, that's a plus. To use it though, that implies you are going to use the server as a router. When you do that, you now have to use NAT, etc. So, it's more than just the firewall. You have two connections, meaning, whatever the Lion server is has to have a number of ehternet ports.
So, the short answer is the Lion firewall is easy and it's more than good enough to be used. However, I would say the added complications involved should lead you to using a traditional router with firewall.
Currently Being ModeratedNov 18, 2011 6:19 AM (in response to sfatula)
Ah, that is an excellent point and it is a Mac Mini so that's probably going to preclude using it for that. It's too bad, because it did look easy, and if it's secure enough it would have made things easier. That said, what brand of firewall would anyone recommend that is easy to use and secure? Like I said, we have a Sonicwall but it's basically the opposite of easy to use. We don't have complicated needs so maybe the Peplink would work, but I would love to hear from other people who have Mac based businesses about what they use.
Currently Being ModeratedNov 18, 2011 8:16 AM (in response to rshibley)
Don't know what you call easy or not so easy per se, but, we use a Netgear FVS338 which does support two internet connections, and, multiple IP addresses. It's a very nice router. Check out ther online manual to see if you think it is easy or not.
Currently Being ModeratedNov 19, 2011 10:49 PM (in response to sfatula)
If you have a single Internet connection, the easiest way to configure your firewall is with an Airport Extreme (5th generation). When configuring a service on the Server App, it automaticaly configures the corrensponding ports on the router.
It also turns on RADIUS on the Airport, so your wireless users will connect to the network with their assigned user name and password. That way, you don't have to give away the wireless keys. When a user leaves the company disabling the user account cuts the wireless access as well.
Currently Being ModeratedNov 29, 2011 7:53 AM (in response to BuenosAires926)
So with the Airport Extreme, does the Airport itself run the firewall or does the Mac Server instance do that?
Also, this is probably a fantasy, but the Airport Extreme doesn't do Multi WAN, does it?
Currently Being ModeratedNov 29, 2011 1:57 PM (in response to rshibley)
The Airport Extreme does. Is not possible to have more than one WAN connection to the Airport. I wish it did...
Currently Being ModeratedJan 2, 2013 5:04 PM (in response to rshibley)
What ended up working for you? Did you keep the TZ 210?
I see other posts here that talk about using a MacOS X Server Mac Mini and an Airport Extreme Base Station. The AEBS works as a firewall/wireless router/wired router. Did you consider this?