Eric, I agree with all that you wrote. However, * I don't have a spare P3 * I have some old laptops, but no dual nic ones * I don't have space in my cable shelf to anything bigger than my current BEFSX41 firewall/router * The shelf is up high in a rather warm room and the 2 switches, and it gets a little toasty in there in the summer. A real computer is the best technical solution, but not feasible in my set up. Thanks for the idea! Mark On Fri, Jul 6, 2012 at 5:19 PM, Eric Shubert wrote: > I run IPCop as a VM (presently VMware, soon to be KVM). > > IPCop has everything you're looking for in a prebuilt distro. Any ol' > PentiumIII or greater should do, with 2 nics. IPCop provides all of the > network services you'll likely ever need, and then some. > > You really only need 2 nics (WAN/LAN) on the firewall. I think it'd be > more appropriate (easier, cheaper) to add another GigE switch to what you > have. They can be chained together of course. > > > On 07/05/2012 11:10 PM, James Dugger wrote: > >> MSI Micro ATX board with Athlon II processor w/ 4 PCI slots (or 2 PCI >> and 2 PCIE) >> 2 GB RAM >> 4 gigabit NIC cards >> IDE or SATA to Compact Flash Adaptor >> Compact flash 2GB memory - install Linux or Router based distro on CF >> card or USB memory stick >> External power 120v to 12v transformer w/ mono power converter >> Small micro case >> Set BIOS to boot CF Card or USB Memory stick >> Ubuntu 10.04 or 12.04 LTS server minimum install >> - Install Openssh >> - Firewall >> - OpenVPN >> - iptables >> >> Basically you are building an edge router/vpnserver. There are a lot of >> instructions to build a high end router/openvpn system using a minimum >> box configuration. The mobo chip and RAM maybe overkill but smaller >> ATOM based boards probably won't have 4 PCI slots. you should be able >> to pick up these for very reasonable cost compared to a higher end >> router. Do you need all 4 - 1 gigabit connections to the router or can >> the connections to the VPN be shared off of one or two NICs? OpenVPN >> needs a minimum of 2 NIC's (Unless you have set up virtual network >> adaptors and bridged them together). Are you dedicating each user to a >> NIC for speed? If not you could allocate the 4 users to a NIC and >> connect the router/vpnserver to a 4 port gigabit switch. >> >> I'm sure there are a number of the ways to do this and there even might >> be fairly high end router for a good deal but most will also have built >> in wireless as well. to find a dedicated wired only higher end router >> you may pay as much as the system I just outlined and it would be no >> where near the capabilities of the above system unless it was a lot more >> expensive. >> >> I'm sure that there are others here with a lot more experience with >> consumer and enterprise level equipment then myself but I have had >> success with the above. Also keep in mind that the Athlon II is 64bit >> with SVM built in for virtualization. With additional memory you could >> run the whole thing virtualized using KVM or VMware. >> >> Good Luck! >> >> >> >> >> On Thu, Jul 5, 2012 at 7:53 PM, Mark Phillips >> >> >> wrote: >> >> I am looking for a router with the following characteristics: >> * No wifi >> * 4 gigabit LAN ports >> * 1 WAN port to connect to my Cox Cable Modem >> * 400 MHZ+ processor so I can run OpenVPN SSL for a max of 4 remote >> users to access the LAN at the same time. >> >> The last point comes from reading various forums about running >> openvpn on the router, and they all say get the fastest possible >> cpu. I probably have to run dd-wrt on the router to get openvpn >> running on the router, but I am open to other options (most of the >> open source router packages support openvpn, so anyone will do). >> >> Thanks! >> >> Mark >> >> >> ------------------------------**--------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.**phoenix.az.us >> >> > >> >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.**us/mailman/listinfo/plug-**discuss >> >> >> >> >> -- >> James >> >> >> >> >> > > -- > -Eric 'shubes' > > > > > ------------------------------**--------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.**phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.**us/mailman/listinfo/plug-**discuss >