Ipcop box, ideas wanted

T

The Spyder

2[H]4U
Joined
Jun 18, 2002
Messages
2,628
I finally upgraded my works internet from a 1.5 DSL line to comcasts 20mg cable service (more like 30 :). Anyways, I have a horrid Sonic Wall TZW in there now, it likes to lock up and runs hotter then a toaster. For now since I am "testing" the line, its running into a VIA M10000+ 512mgs +10gig hard drive and 3 nics. Everything works great, but I am concerned that once I start doing 30+ users this hardware will be insufficient

I am thinking at least a P4 2.6+, 1gig and 4 Intel PRO nics. I will keep a spare router pre configured if this ever goes down, so no worries. Heck, maybe a E2180+MB+1gig ram for $100?

I will be running several plugin's for Ipcop, mostly spam/proxy/ect.
 
Get untangle if you want something that is very easy to configure, and has LOTS of features to keep your network secured. Endian is also pretty good as well.

Theres no point in messing round with squid and dansguardian etc in ipcop, its not worth the hassle when untangle is pretty easy to configure, you just have to enable web filtering. Also untangle has support if you need it.

If you want to use the untangle features that require payment go ahead, there are things like active directory auth and stuff like that.
 
Since this is a business, it wouldn't be a bad idea to actually grab a small server with support from a manufacturer like Dell. Just a thought. As for your concern, it all depends on what you are going to have enabled in IPCop; if you are going to be running any sort of proxy (especially squid) than you are going to want a more powerful solution (than the M10000) for "30+ users." Additionally, as the above poster mentioned, look at Untangle as it's a nice UTM (unified threat management) solution for businesses.
 
Yeah for a business....get Untangle.
Antivirus filtering
Antispyware filtering
SPAM filtering
Content filtering
VPN
A whole slew of robust firewall abilities.

Tons better than IPCop with Copfilter.

And since it's for a business, yeah...grab a solid business grade computer. I've used Dells PowerVault R200 1U servers...works great on them. Can pick up them up quite cheap too..including rail kits.

Here's a review I did on it...
http://www.smallnetbuilder.com/content/view/30539/51/
 
Go with untangle. Has a great interface and excellent features you'll love!

@ YeOldeStonecat - great review ;)
 
YeOldeStonecat said:
Yeah for a business....get Untangle.
Antivirus filtering
Antispyware filtering
SPAM filtering
Content filtering
VPN
A whole slew of robust firewall abilities.

Tons better than IPCop with Copfilter.

And since it's for a business, yeah...grab a solid business grade computer. I've used Dells PowerVault R200 1U servers...works great on them. Can pick up them up quite cheap too..including rail kits.

Here's a review I did on it...
http://www.smallnetbuilder.com/content/view/30539/51/
Click to expand...
You must mean Poweredge R200, and thanks I will take a look at it.
 
omega-x said:
how does untangle compare to pfsense or m0n0wall?
Click to expand...

It's a totally different beast. Untangle is a Unified Threat Management distro...it does a TON of work. Antivirus scanning, anti spyware scanning, content filtering, QoS, SPAM filtering, very robust firewall rules.

It's designed totally for the business/corporate environment. It's not meant for speed.

Other more well known distros like IPCop, m0n0wall, PFSense, etc...they're all more basic.

I never tried installing on 600MHz, the specs have a minimum of 1 GHz and 512 megs. It does state that you can install it on lesser hardware....for very small setups. I've installed it on a P3 800something...with 512 megs. It works..a little slow.
 
The Spyder said:
You must mean Poweredge R200, and thanks I will take a look at it.
Click to expand...

That I do. Installed smooth as buttah, and has been running smooth as buttah since the install. Pair of 80 gig SATA drives in hardware RAID 1, 2 gigs of RAM, the Intel duo, pair of onboard Broadcom XTreme NICs which support *nix well....it's a great box for it.
 
I wouldnt suggest running untangle on a 600mhz cpu, I run it on a 2800 amd 754 cpu and even with a gig of ram it isnt the speediest of things, so I wouldnt think it would take to a 600mhz cpu in a hurry.
 
Im stuck on a bloody shoe string budget, and from what I can see, I can grab a Used Poweredge 860 (the r200 older brother) for $499. Dual Core Xeon, 2gigs, 2x 160gig Sata, Perc5 raid, 2yrs warranty left.
Compare that to the same thing (r200) for $1200 new from Dell.

Hurm, well I have to push this out this week, so for now its going to be Ipcop with no features, still beats the heck out of the Sonic wall. I will get something ordered for the future however.
 
The Spyder said:
Im stuck on a bloody shoe string budget, and from what I can see, I can grab a Used Poweredge 860 (the r200 older brother) for $499. Dual Core Xeon, 2gigs, 2x 160gig Sata, Perc5 raid, 2yrs warranty left.
Compare that to the same thing (r200) for $1200 new from Dell.
Click to expand...

That'll be nice 'n zippy for Untangle. :cool:

What "features" do you need? Going from a Sonicwall..to IPCop..doesn't seem like an upgrade. Doesn't this business want any UTM features? If Untangle scares you...I'd at the very least look at "Endian". It's based on IPCop, but it has the "Copfilter" UTM add-on...so you get some antivirus and spam filtering features, as well as good VPN features. It's also designed for the business network. I used this distro a bit before I fell on Untangle.
 
Isn't Untangle free with a paid support contract?

I'm not aware of any such thing with IPCop. For home use, I use IPCop but for a production work environment, I'd definitely look into a UTM that has a professional support line that you can call in case something happens.
 
Gott said:
Isn't Untangle free with a paid support contract?

I'm not aware of any such thing with IPCop. For home use, I use IPCop but for a production work environment, I'd definitely look into a UTM that has a professional support line that you can call in case something happens.
Click to expand...

They have a "Community Distro" which is free to download and install with the basic features.
Their support forums are very active, and very helpful. You can also get paid support, and they have various "ala cart" pay for versions and options which will include support and config backup.
 
Untangle dosent scare me, haha.
Its actually what I will be running on that 860. I already have Ipcop running on this hardware and one of our half million dollar machines just died. Its going to be getting the next few days of my time and I already have the down time scheduled. Basically it comes down to whats on hand, free time, and a UTM like untangle looks like its the way to go.
 
i'll just tell you about the ipcop that was at the company i work for when i got here. NOTHING but trouble. in fact we just went office space on it when we got our cisco's in. most fun i have had in a long time, that thing got destroyed lol.
 
Funny, i set up a small business on an IPcop/honeypot combo and afaik they still use it with perfect uptime.

The business i currently work for, is sort of a "make do" sort of thing where they dont want to pay 500 dollars for a cheap router, so i set up a wrt54g with dd-wrt v23 and it's been totally rock solid for 2 years now.
 
I like Untangle, but beware, you need a beefy box. My only beef with it is that it doesn't have SQUID. I'm gonna order a Vostro 200 Slim Tower and, hopefully, ESXi will run on it. I'll just run Untangle (bridged) and IPCOP on the same box if it does.

P.S. A caching web proxy/update server is critical for my needs. I'll be deployed next year and managing a 1MBit satellite internet pipe for 50 people. I want to reduce bandwidth usage as much as possible. I'll be setting the Update Accelerator cache to 50GB, and the Web Cache to about 300GB. Hopefully the youtube cache mods will work.
 
You must log in or register to reply here.
Back
Top