[aklug] Re: VPN on the edge firewall

From: Jim MacDonald <jim@macdonald.org>
Date: Mon Feb 24 2014 - 18:16:52 AKST

I’m kinda partial to smoothwall myself.

Jim MacDonald
jim@macdonald.org

On Feb 24, 2014, at 5:09 PM, Shane Spencer <shane@bogomip.com> wrote:

> I usually find a $50 P4 system and throw a few network cards in them. Linux or BSD works great and offers a wide complement of VPN arrangements.
>
> If you're feeling sparky.. check out vyatta. Debian based with a hardware router feel and a pretty sane configuration system.
>
>
> On Mon, Feb 24, 2014 at 9:12 AM, JP <jp@jptechnical.com> wrote:
> +1 to Royce on this one. I have been running the pfSense firewall since the original M0n0wall... and I have some in service over 10 years old, just upgrade the OS and swap hardware when needed. Like all things, there is a learning curve, but the web ui is simple and you will probably never need another router again.
>
> VPN on pfSense is more a matter of ram/cpu if you go with commodity hardware. There used to be a limitation of 16 concurrent connections on a pptp vpn, for instance, but at some point it was clarified by resource requirement and not an arbitrary number.
>
> Good luck, report back on your choice please.
>
>
> 907-748-2200
> JP Technical
> helpdesk@jptechnical.com
>
>
> On Sun, Feb 23, 2014 at 1:18 PM, Royce Williams <royce@tycho.org> wrote:
> Site-to-site VPN, or road-warrior/remote-access VPN?
>
> Either way, pfSense! :-) It's a phenomenal firewall, and also does
> both IPSec and OpenVPN. GUI setup for both is pretty easy.
>
> If site-to-site, how much bandwidth? My ALIX 2d13 board has an
> onboard Geode crypto accelerator such that <10Mbit VPN should be
> doable, or you can get an add-on card that will take it to 30Mbit (but
> it's ~$80 eBay). If you go ALIX 2d13, it only has 256M RAM, which
> is cutting it close for pfSense, so I added a low-profile USB key as a
> swap partition. It turns out that it just needs a little more than
> 256M of RAM, and doesn't swap very quickly/frequently, so swapfile on
> USB has actually been quite fine.
>
> My total cost including board, case, power, CF card, shipping, and a
> 4G USB (bought later) was less than $240. Power consumption is <12W,
> which is a cost consideration as well.
>
> Or you could repurpose a 512M+ Intel or AMD box with two NICs (or add
> a NIC). Intel NICs recommended. Likely to eat more power than the
> ALIX, though.
>
> More on VPNs on pfSense:
>
> https://doc.pfsense.org/index.php/Category:VPN
>
> I actually have a spare ALIX right now that you could try out.
>
> Royce
>
> On Sun, Feb 23, 2014 at 12:59 PM, Mike <barjunk@attglobal.net> wrote:
> >
> > Folks,
> >
> > I'm looking for a recommendation on a firewall that provides vpn services on
> > it.
> >
> > I know it is possible to have a server or some other box behind the
> > firewall, but I'm looking to consolidate this on to one machine.
> >
> > This is for a non-profit so the commercial devices that cost more than $300,
> > really aren't an option for us.
> >
> > Suggestions?
> >
> > Mike B.
> > ---------
> > To unsubscribe, send email to <aklug-request@aklug.org>
> > with 'unsubscribe' in the message body.
> >

Received on Mon Feb 24 18:17:34 2014