is there any easy to use router/firewall software ???

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
Im looking for an easy to use router/firewall software for my home network.I was trying different ones but till now i was not happy with any of them.
Setup is : cablemodem - router : mITX PC with onboard NIC and gb PCI-e NIC - gb switch - 3 computers and one laptop.

Software i was trying already:
- Smoothwall: no support for sata drives , so cant install it.
- vyatta: got stuck at the middle of the installation process, manual and online videos were not very helpfull.
- untangle: i got it to work, but it refuses to use the NIC's the way i want to and second is that internet speed goes down to a 56k dial up like experience.
-Monowall: no support for PCI-e interface NIC.
-clearOS: didnt find the NIC's

well is there any easy to setup and easy to use software that doesnt slow down my connection speed either , so i can download and have the browser and messenger service open at the same time ?

TY
 

YeOldeStonecat

[H]F Junkie
Joined
Jul 19, 2004
Messages
11,330
What is the processor and RAM?
I do tons of Untangle installs..with a minimal P4, a gig of RAM..and good quality NICs (important)..I have quite a few large networks on it on fast 10 and 20 meg internet pipes with no slowdowns.
What do you mean "refuses to use the nics the way you want"?
Good quality NICs are the key to good *nix routers..especially Untangle since it's layer 7. Intel, 3COM, some Broadcoms. Cheapo realtecs...blech.

IPCop is one of the easier *nix distros to install/manage...getting a bit dated though.
I'm a huge fan of PFSense...use it at home.

If you're going to do a *nix router...first research your hardware and get supported hardware, and get good NICs.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
hardware: mobo Zotac nforce 630i-ITX, cpu intel E2140, 2gb DDR2 ram, intel PCI-e gb NIC, 80gb sata HDD.

I want to use the 100mb onboard NIC to connect to the modem (modem does not more than 100mb) and the PCI-e gb intel NIC to connect to the gb switch.
untangle simply refuses to do this configuration. It only works with the onboard NIC connected to the switch and the intel NIC connected to the modem.

And as i said i cant download, open a browser and have messenger open at the same time with untangle.
 

YeOldeStonecat

[H]F Junkie
Joined
Jul 19, 2004
Messages
11,330
Configuration of WAN and LAN NIC..which is which..is as simple as...that check box that says "Is WAN Interface". Uncheck one, check the other.

I've never installed Untangle on an nForce mobo...and I bet that one as an...ugh..realtek NIC. I do Intel chipset mobo's and good NICs. You'll find most *nix distros run better on standard hardware, and you'll find their performance is based on the NICs you choose...just some more picky than others.

I can tell you Untangle certainly allows you to download, open a browser, and have messenger open at the same time. As mentioned above..I have quite a few clients with larger networks running on Untangle...networks for 50-75 PCs even..with several servers, on fast internet pipes. And some of them are on fairly low power boxes that run Untangle...running on a little Dell Optiplex Pentium 4 2.8 with 1 or 2 gigs of RAm..and they fly. Hell our office, we pound the crap out of our Untangle box...I'm usually playing tunes on youtube, our service guy is download drivers and microsoft updates on boxes he's rebuilding..often several at a time. We host mail servers for clients...we pass nearly 3000 e-mails per day through it. It averages 2-3 gigs of traffic per day.
 

blk95civicex

Limp Gawd
Joined
Feb 10, 2003
Messages
170
Untangle will definitely allow for everything you want to do...as long as you have the hardware to run it.

I push 100's of people through UT every day without a hiccup on a 20/20Mbps connection.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
Configuration of WAN and LAN NIC..which is which..is as simple as...that check box that says "Is WAN Interface". Uncheck one, check the other.

I've never installed Untangle on an nForce mobo...and I bet that one as an...ugh..realtek NIC. I do Intel chipset mobo's and good NICs. You'll find most *nix distros run better on standard hardware, and you'll find their performance is based on the NICs you choose...just some more picky than others.

I can tell you Untangle certainly allows you to download, open a browser, and have messenger open at the same time. As mentioned above..I have quite a few clients with larger networks running on Untangle...networks for 50-75 PCs even..with several servers, on fast internet pipes. And some of them are on fairly low power boxes that run Untangle...running on a little Dell Optiplex Pentium 4 2.8 with 1 or 2 gigs of RAm..and they fly. Hell our office, we pound the crap out of our Untangle box...I'm usually playing tunes on youtube, our service guy is download drivers and microsoft updates on boxes he's rebuilding..often several at a time. We host mail servers for clients...we pass nearly 3000 e-mails per day through it. It averages 2-3 gigs of traffic per day.

Dont know about the onboard NIC which brand it is, but anyways thats not the problem.
When i switch the NIC's in the setup then untangle refuses to connect. It only works with the onbard NIC connected to the switch and the intel NIC connected to the modem. Dont ask me why i have no idea.
And when i start up p2p its impossible to open a browser or messenger at the same time.
Its fine if it works for you but i cant get it to work for my purpose. Thats why i ask if there is any other easy to use software , maybe just routing software without firewall, because i dont really need an extra firewall anyways.
 

YeOldeStonecat

[H]F Junkie
Joined
Jul 19, 2004
Messages
11,330
I'd bet a truckload of Guinness Stout that the onboard NIC is the problem..again, being a heavy layer 7 based firewall..Untangle NEEDS..more than anything...good quality hardware controller based NICs. With Untangle..it's all about the NIC...as traffic passes virtually from module to module within the Untangle VM. I'm building another Untangle box right now to deploy at a client, I've done quite a few of them. Untangle itself easily handles very heavy loads...it's designed for SMB to small enterprise scale...it's overkill for basic home networks. So it's designed for networks of hundreds of computers, quite a few Untangle VARs have put them into full enterprise setups with thousands of users behind it..yes..thousands. I've online gamed with them at home. Had good NICs in that rig though.

Anyways...IMO Untangle isn't what you want, probably a home setup you're doing. You're talking about P2P...hell Untangle, being designed for businesses....is meant to stop that crap. You'd have to study the "Attack Blocker" module..but with a few clicks...you could fully allow P2P and the influx of poisoned content to your hearts desire.

Yes you can switch NICs..quite on the fly, I've done it often. Not knowing what type of WAN connection you have, I don't know what steps you did or didn't take...I'll wager you have cable and didn't flush the MAC on the cable modem properly when you switched NICs.

You've tried most of the common distros...m0n0wall, Smoothie, the other 2 common ones are IPCop and PFSense. Once you've hit those 2...you've hit the big 4. If they're not "easy enough" for you...dunno what else would be.
 

klesik

Weaksauce
Joined
Nov 20, 2007
Messages
69
It sounds like your hardware more than your software. I had a similar situation myself, where I wanted to use all of those distros at home on some really old computers. I'm talking PIII and absolute minimum specs. I had a pile of older stuff that I wanted to put to good use instead of throwing out. I couldn't get Untangle to install on an old Dell Optiplex box because of the chipset with that model. I got it to install on a Dell PowerEdge 1550, but it couldn't start the NIC drivers so nothing worked. I have it running now on a laptop I was given, got a USB NIC and the thing is running without any problems at all.

To echo YeOlde's experiences, I too have quite a bit of clients on Untangle on all sorts of platforms. Have one on older IBM desktops with 1GB RAM and P4's, all the way up to an HP ML110 with a dual core Xeon at another client. (I know its overkill, that was thier "extra" box lying around). Basically some of the distros are more picky than others to run. I was able to get Astaro working on that PowerEdge when Untangle didn't want to run. Go figure.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
I'd bet a truckload of Guinness Stout that the onboard NIC is the problem..again, being a heavy layer 7 based firewall..Untangle NEEDS..more than anything...good quality hardware controller based NICs. With Untangle..it's all about the NIC...as traffic passes virtually from module to module within the Untangle VM. I'm building another Untangle box right now to deploy at a client, I've done quite a few of them. Untangle itself easily handles very heavy loads...it's designed for SMB to small enterprise scale...it's overkill for basic home networks. So it's designed for networks of hundreds of computers, quite a few Untangle VARs have put them into full enterprise setups with thousands of users behind it..yes..thousands. I've online gamed with them at home. Had good NICs in that rig though.

Anyways...IMO Untangle isn't what you want, probably a home setup you're doing. You're talking about P2P...hell Untangle, being designed for businesses....is meant to stop that crap. You'd have to study the "Attack Blocker" module..but with a few clicks...you could fully allow P2P and the influx of poisoned content to your hearts desire.

Yes you can switch NICs..quite on the fly, I've done it often. Not knowing what type of WAN connection you have, I don't know what steps you did or didn't take...I'll wager you have cable and didn't flush the MAC on the cable modem properly when you switched NICs.

You've tried most of the common distros...m0n0wall, Smoothie, the other 2 common ones are IPCop and PFSense. Once you've hit those 2...you've hit the big 4. If they're not "easy enough" for you...dunno what else would be.

Yes its a simple home setup. Its basically one computer running 24/7 with p2p, browsing and messaging. Then one as HTPC and one for gaming. For the last 2 i only need the internet connection for software updates and TV programm. Then i copy files from one pc to another, basically each one got a backup of all personal files.
Yes i have cable (comcast).
What do you mean with "flush the MAC on the cable modem " ? turn it off and turn it on again ?

ok im gonna give the other 2 you mentioned a try, see what happends.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
It sounds like your hardware more than your software. I had a similar situation myself, where I wanted to use all of those distros at home on some really old computers. I'm talking PIII and absolute minimum specs. I had a pile of older stuff that I wanted to put to good use instead of throwing out. I couldn't get Untangle to install on an old Dell Optiplex box because of the chipset with that model. I got it to install on a Dell PowerEdge 1550, but it couldn't start the NIC drivers so nothing worked. I have it running now on a laptop I was given, got a USB NIC and the thing is running without any problems at all.

To echo YeOlde's experiences, I too have quite a bit of clients on Untangle on all sorts of platforms. Have one on older IBM desktops with 1GB RAM and P4's, all the way up to an HP ML110 with a dual core Xeon at another client. (I know its overkill, that was thier "extra" box lying around). Basically some of the distros are more picky than others to run. I was able to get Astaro working on that PowerEdge when Untangle didn't want to run. Go figure.

uhm...if you can run it on a P4 it should not have any problems with a E2140
 

DeChache

Supreme [H]ardness
Joined
Oct 30, 2005
Messages
7,088
uhm...if you can run it on a P4 it should not have any problems with a E2140

I've ran untangle as a Virtual Machine on a E5200 with about 8 other VM's had no performance problems.


I'm with everybody else and tell you to get two good nic's.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
I've ran untangle as a Virtual Machine on a E5200 with about 8 other VM's had no performance problems.


I'm with everybody else and tell you to get two good nic's.

well i was recommended to get an intel NIC from many people here in the forum for my internal network...so i guess it cant be that bad.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
ok , gettin tired of ipfire too. I did all the setup following the manual , everything worked ok till i got to the reboot...asking me for login ??? great ...what do i put in there ??? it does not say anything in the manual, none of the passwords i choose works ... i always get the message incorrect login. So im stuck there.
I must say all online manuals from router/firewall software are crap. They all take you to a certain point and then your left alone with some creepy command or login you cant find anywhere.
 

YeOldeStonecat

[H]F Junkie
Joined
Jul 19, 2004
Messages
11,330
ok , gettin tired of ipfire too. I did all the setup following the manual , everything worked ok till i got to the reboot...asking me for login ??? great ...what do i put in there ??? it does not say anything in the manual, none of the passwords i choose works ... i always get the message incorrect login. So im stuck there.
I must say all online manuals from router/firewall software are crap. They all take you to a certain point and then your left alone with some creepy command or login you cant find anywhere.

Thay're set during the installation....it's pretty much the exact same install routine as IPCop. http://wiki.ipfire.org/en/installation/start
You went through those steps that you see in that link...you can't skip them...so..what did you enter there? There's the "root" password..and there's the "Admin" password..2x separate ones. ;)

So you're probably looking at the console when you reboot it. BUT..you don't have to log in. The console login is root for username, but..you don't need it. Similar to a Windows Server..you can reboot it and walk away, you don't need to actually log in to a server to have it work..you can leave it at the ctrl+alt+del...turn off the monitor..and walk away. Same with this. You just fiddle with it via your web browser..just like any Stinksys or Nutgear or DStink router.
 

DeChache

Supreme [H]ardness
Joined
Oct 30, 2005
Messages
7,088
well i was recommended to get an intel NIC from many people here in the forum for my internal network...so i guess it cant be that bad.



The Intel Nic is fine. Thats all I will use. The onboard one could be fighting with it or any number of other things.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
Thay're set during the installation....it's pretty much the exact same install routine as IPCop. http://wiki.ipfire.org/en/installation/start
You went through those steps that you see in that link...you can't skip them...so..what did you enter there? There's the "root" password..and there's the "Admin" password..2x separate ones. ;)

So you're probably looking at the console when you reboot it. BUT..you don't have to log in. The console login is root for username, but..you don't need it. Similar to a Windows Server..you can reboot it and walk away, you don't need to actually log in to a server to have it work..you can leave it at the ctrl+alt+del...turn off the monitor..and walk away. Same with this. You just fiddle with it via your web browser..just like any Stinksys or Nutgear or DStink router.

´The passwords i choose during setup dont work as login. Then i was trying to login in via web browser with http://192.168.0.1:444 as shown in the manual but i always get the answer website not found. Even though everything shows up as ok from ipfire after reboot. Only the IP address for internet is wrong. Gonna have to fix that. Oh well, tomorrow is another day...
 
Last edited:

Valnar

2[H]4U
Joined
Apr 3, 2001
Messages
4,037
onboard is nvidia ...dont know the exact number.
That's the problem. I like Realtek NICs more than Nvidia NICs. :eek:

I've ran untangle as a Virtual Machine on a E5200 with about 8 other VM's had no performance problems.
Interesting. I just removed Untangle from a virtual and put it on real hardware because of performance problems. It could have been my low-powered ESXi box though.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
The problem is not that you dont like nvidia NIC's. The hardware works just fine with ipfire. The problem is that im stuck after the installation and dont know how to login to do the final configuration. The problem is that the online manuals only take you to a certain point and then leave you alone in the dark.
 

YeOldeStonecat

[H]F Junkie
Joined
Jul 19, 2004
Messages
11,330
Try reinstalling from scratch again...slow down and pay attention to each screen.
Year ago, when I first started dabbling with *nix router distros...I think my first build was with IPCop. I remember running into the same thing you did.."how do I log into it, oh crap...hmmm..what was it.."..and then I rebuilt it again..and paid attention to the passwords..but I think I messed up on something..and rebuilt it again...and probably a 4th time til I had it down pat.

I mean..it's what...15 minutes to reinstall? After a number of times..I had it nailed...and the differences with the console "root" login/pw, and the wed "admin" login/pw. And if I recall, IPCop defaulted to an httpS LAN IP for web management...and pay attention to the LAN IP that you assign it.
 

game14

[H]ard|Gawd
Joined
Nov 8, 2006
Messages
1,441
Ok , i reinstalled it from scratch. Same as before, after reboot everything shows up ok in ipfire as before.
I finally found the problem why i cant open the ipfire menu in my browser to log in. The problem was not ipfire , the problem was Windows7 blocking it as potentially dangerous uncertified software. Windows simply refused to load the page and to connect to the network.
Its fixed now and working perfectly fine. Port forwarding for p2p was easy to set up. No slow downs in connection speed. CPU usage only 0.05% - 2% max.
The only funny thing is that downloads are not loading continuously , they load a part at full speed - stop for a second - start loading again at full speed - stop for a second ... and so on, not a real problem.
Still gonna have to read about all the settings.

Thank you very much for the help
 
Top