Eric,
I agree with all that you wrote. However,
* I don't have a spare P3
* I have some old laptops, but no dual nic ones
* I don't have space in my cable shelf to anything bigger than my current
BEFSX41 firewall/router
* The shelf is up high in a rather warm room and the 2 switches, and it
gets a little toasty in there in the summer.
A real computer is the best technical solution, but not feasible in my set
up.
Thanks for the idea!
Mark
On Fri, Jul 6, 2012 at 5:19 PM, Eric Shubert <
ejs@shubes.net> wrote:
> I run IPCop as a VM (presently VMware, soon to be KVM).
>
> IPCop has everything you're looking for in a prebuilt distro. Any ol'
> PentiumIII or greater should do, with 2 nics. IPCop provides all of the
> network services you'll likely ever need, and then some.
>
> You really only need 2 nics (WAN/LAN) on the firewall. I think it'd be
> more appropriate (easier, cheaper) to add another GigE switch to what you
> have. They can be chained together of course.
>
>
> On 07/05/2012 11:10 PM, James Dugger wrote:
>
>> MSI Micro ATX board with Athlon II processor w/ 4 PCI slots (or 2 PCI
>> and 2 PCIE)
>> 2 GB RAM
>> 4 gigabit NIC cards
>> IDE or SATA to Compact Flash Adaptor
>> Compact flash 2GB memory - install Linux or Router based distro on CF
>> card or USB memory stick
>> External power 120v to 12v transformer w/ mono power converter
>> Small micro case
>> Set BIOS to boot CF Card or USB Memory stick
>> Ubuntu 10.04 or 12.04 LTS server minimum install
>> - Install Openssh
>> - Firewall
>> - OpenVPN
>> - iptables
>>
>> Basically you are building an edge router/vpnserver. There are a lot of
>> instructions to build a high end router/openvpn system using a minimum
>> box configuration. The mobo chip and RAM maybe overkill but smaller
>> ATOM based boards probably won't have 4 PCI slots. you should be able
>> to pick up these for very reasonable cost compared to a higher end
>> router. Do you need all 4 - 1 gigabit connections to the router or can
>> the connections to the VPN be shared off of one or two NICs? OpenVPN
>> needs a minimum of 2 NIC's (Unless you have set up virtual network
>> adaptors and bridged them together). Are you dedicating each user to a
>> NIC for speed? If not you could allocate the 4 users to a NIC and
>> connect the router/vpnserver to a 4 port gigabit switch.
>>
>> I'm sure there are a number of the ways to do this and there even might
>> be fairly high end router for a good deal but most will also have built
>> in wireless as well. to find a dedicated wired only higher end router
>> you may pay as much as the system I just outlined and it would be no
>> where near the capabilities of the above system unless it was a lot more
>> expensive.
>>
>> I'm sure that there are others here with a lot more experience with
>> consumer and enterprise level equipment then myself but I have had
>> success with the above. Also keep in mind that the Athlon II is 64bit
>> with SVM built in for virtualization. With additional memory you could
>> run the whole thing virtualized using KVM or VMware.
>>
>> Good Luck!
>>
>>
>>
>>
>> On Thu, Jul 5, 2012 at 7:53 PM, Mark Phillips
>> <mark@phillipsmarketing.biz <mailto:mark@**phillipsmarketing.biz<mark@phillipsmarketing.biz>>>
>> wrote:
>>
>> I am looking for a router with the following characteristics:
>> * No wifi
>> * 4 gigabit LAN ports
>> * 1 WAN port to connect to my Cox Cable Modem
>> * 400 MHZ+ processor so I can run OpenVPN SSL for a max of 4 remote
>> users to access the LAN at the same time.
>>
>> The last point comes from reading various forums about running
>> openvpn on the router, and they all say get the fastest possible
>> cpu. I probably have to run dd-wrt on the router to get openvpn
>> running on the router, but I am open to other options (most of the
>> open source router packages support openvpn, so anyone will do).
>>
>> Thanks!
>>
>> Mark
>>
>>
>> ------------------------------**---------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.**phoenix.az.us<PLUG-discuss@lists.plug.phoenix.az.us>
>> <mailto:PLUG-discuss@lists.**plug.phoenix.az.us<PLUG-discuss@lists.plug.phoenix.az.us>
>> >
>>
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.**us/mailman/listinfo/plug-**discuss<http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>
>>
>>
>>
>>
>> --
>> James
>>
>>
>>
>>
>>
>
> --
> -Eric 'shubes'
>
>
>
>
> ------------------------------**---------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.**phoenix.az.us<PLUG-discuss@lists.plug.phoenix.az.us>
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.**us/mailman/listinfo/plug-**discuss<http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss>
>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss