[aklug] Re: VPN on the edge firewall

From: Shane Spencer <shane@bogomip.com>
Date: Mon Feb 24 2014 - 17:09:07 AKST

I usually find a $50 P4 system and throw a few network cards in it.
Linux or BSD works great and offers a wide complement of VPN arrangements.

If you're feeling sparky, check out Vyatta. Debian-based, with a hardware
router feel and a pretty sane configuration system.

On Mon, Feb 24, 2014 at 9:12 AM, JP <jp@jptechnical.com> wrote:

> +1 to Royce on this one. I have been running the pfSense firewall since
> the original M0n0wall... and I have some in service over 10 years old, just
> upgrade the OS and swap hardware when needed. Like all things, there is a
> learning curve, but the web ui is simple and you will probably never need
> another router again.
>
> VPN on pfSense is more a matter of ram/cpu if you go with commodity
> hardware. There used to be a limitation of 16 concurrent connections on a
> pptp vpn, for instance, but at some point it was clarified by resource
> requirement and not an arbitrary number.
>
> Good luck, report back on your choice please.
>
> 907-748-2200
> JP Technical <http://www.jptechnical.com/>
> helpdesk@jptechnical.com
>
>
>
> On Sun, Feb 23, 2014 at 1:18 PM, Royce Williams <royce@tycho.org> wrote:
>
>> Site-to-site VPN, or road-warrior/remote-access VPN?
>>
>> Either way, pfSense! :-) It's a phenomenal firewall, and also does
>> both IPSec and OpenVPN. GUI setup for both is pretty easy.
>>
>> If site-to-site, how much bandwidth? My ALIX 2d13 board has an
>> onboard Geode crypto accelerator such that <10Mbit VPN should be
>> doable, or you can get an add-on card that will take it to 30Mbit (but
>> it's ~$80 eBay). If you go ALIX 2d13, it only has 256M RAM, which
>> is cutting it close for pfSense, so I added a low-profile USB key as a
>> swap partition. It turns out that it just needs a little more than
>> 256M of RAM, and doesn't swap very quickly/frequently, so swapfile on
>> USB has actually been quite fine.
>>
>> My total cost including board, case, power, CF card, shipping, and a
>> 4G USB (bought later) was less than $240. Power consumption is <12W,
>> which is a cost consideration as well.
>>
>> Or you could repurpose a 512M+ Intel or AMD box with two NICs (or add
>> a NIC). Intel NICs recommended. Likely to eat more power than the
>> ALIX, though.
>>
>> More on VPNs on pfSense:
>>
>> https://doc.pfsense.org/index.php/Category:VPN
>>
>> I actually have a spare ALIX right now that you could try out.
>>
>> Royce
>>
>> On Sun, Feb 23, 2014 at 12:59 PM, Mike <barjunk@attglobal.net> wrote:
>> >
>> > Folks,
>> >
>> > I'm looking for a recommendation on a firewall that provides vpn
>> > services on it.
>> >
>> > I know it is possible to have a server or some other box behind the
>> > firewall, but I'm looking to consolidate this on to one machine.
>> >
>> > This is for a non-profit so the commercial devices that cost more than
>> > $300, really aren't an option for us.
>> >
>> > Suggestions?
>> >
>> > Mike B.
>> > ---------
>> > To unsubscribe, send email to <aklug-request@aklug.org>
>> > with 'unsubscribe' in the message body.
>> >

Received on Mon Feb 24 17:09:38 2014

This archive was generated by hypermail 2.1.8 : Mon Feb 24 2014 - 17:09:38 AKST