Anonymous29 Hey, the installed firewall is very basic, @pato is completely right.
During my research on this topic, I came across the possibility of using a transparent filtering bridge as a simple solution where you do not have to mess around with the configuration limitations of the Sunrise Router or even have to enable DMZ mode or even install an alternative router that is not supported by Sunrise.
It seems to be quite easy using OPNSense (didn’t try it yet) on either a dedicated mini PC or ProxMox (harder).
Tutorial transparent filtering bridge with OPNSense:
In the video he lists some cheap mini PC, but since the IDS / IPS part needs a beefy processor, I would recommend a Intel N100 based one. It runs very fast and is really power efficient. If you need to handle a lot of bandwith or have a lot of rules enabled, then maybe you need an i3 or i5 one (Protectli listed in the video description)
Possible hardware suggestions:
I think, that’s the way I will go. Even if they enable the Sunrise Firewall in the future, I don’t think that it will run well enough on this s*%çç"+ modem. The disadvantage is, that you have to configure and run yet another piece of hardware which consumes electricity. But if you value security, it’s the best way to go. Even if you buy i. e. a dedicated TP-Link router with IDS/IPS capabilities, the performance will be modest.
