Frequently Asked Questions


Can I trust this site?

Since the software is open source, and freely available, you can have a look for yourself. There are no features that surreptitiously store or send a copy of your file anywhere. Some security related features built into the BRST include:

  • Hosted BRST is via an HTTPS connection.
  • A valid certificate has been purchased and applied.
  • Processing is done on the client side using Javascript.

That said, I don't own the server this is housed on, or any gear in between, so some precautions are in order. See "What precautions should I take?" below.

What is a border router?

A border router in the context of the BRST is a router that is positioned between a firewall and the Internet. They were often used as a conduit to connect a T1 or fractional T1 to a firewall which required an Ethernet connection.

If you don't have a border router, and wonder what security measures you can take, or what the BRST can do for you, see "What if I don't have a border router?", or "If I don't have a border router how can I use the BRST?" below.

What precautions should I take?

  • Always have a backup of the running configuration (keep before and after changes copies).
  • Do not use the user name or password you entered on the BRST form (change it before pasting it into the router).
  • Consider using a fictitious outside IP Address and Gateway.
  • If you're still concerned, or you want to modify the BRST, download the software, fire up a web server, and run it yourself.

I used the tool and now my router's borked. What can I do?

Hopefully, you followed the steps on the Start Here page and can get back up and running fairly quickly.

  1. Restore your router using the configuration file you created prior to using the BRST.
  2. Look over the session information you recorded when you tried to run the utility.
  3. Try correcting the error and reinstalling the configuration file.
  4. If for some crazy reason, you don't have a backup of the configuration, you should only need a few items to get back on line:
  5. Obtain the following information and enter it into the router:
    1. The gateway for your router (should be provided by your Internet Service Provider (ISP)).
    2. The interface, IP address, and subnet mask for your connection to your ISP (should also be provided by your ISP).
    3. The interface, IP address and subnet mask for your internal connection (you should know this or be able to find it out).
  6. If the error is with the BRST itself, please contact me so I can correct the problem.

What if I don't have a border router?

If you don't have a border router, you can still make sure your border is secure. If you don't have a high priced corporate grade firewall from a company like Cisco or Juniper, and want an open source alternative, consider a firewall like PFSense.

If you have other Cisco routers or switches within your network, read "If I don't have a border router how can I use the BRST?" below.

If I don't have a border router how can I use the BRST?

With Ethernet hand off's from ISP's more and more common, border routers are less often used. If you don't have a border router, but still have Cisco routers and layer 3 switches, you can use the BRST to:

  • Generate a secure configuration template you can then adapt to secure other Cisco devices.
  • There are some things to be aware of if you do this:
    • The configuration file generated has built-in Access Control Lists (ACL's) which you'll have to locate and modify by hand to fit your network.
    • You may have more interfaces or VLAN interfaces to handle than the tool was designed for. Try to replicate the intent of the ACL's for the various interfaces.
    • There are additional measures you'll want to take on your Cisco switches, but many of the same configuration settings will apply to layer 3 switches.