Linux-Based Firewall/Security/VPN System

[priley]

Hello [H],

I am looking to build a linux-based firewall system and am looking for suggestions. My hopes is that this system will:

* Provide a firewall barrier between my home network and the internet
* Provide antivirus protection for the entire network
* Provide an ipSec sVPN connection

The hardware I hope to use is a Pentium 4 system (Dell Opteron 8250) with 1GB of RIMM.

This build is completely new to me (not linux, but working to build a firewall/security system) and wanted to see if any of you have 'played' with this before.

Kindest Regards
P.Riley

 

[MrGuvernment]

pfsense
m00nwall
Untangle - may not run well on 1G of ram

 

[priley]

pfsense seems pretty nifty. Think I'll throw that on a list to test.
Untangle seems to be "buy support to download." Think I'll avoid that.
Any thoughts on ipcop?

 

[ComputerBox34]

This for home or business use?

Astaro (or soon to be called UTM9) has a home edition of their gateway SW that supplies everything you would need but the home edition is limited to 50 IP's.

http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

(Called Sophos UTM since the company was purchased, but it used to be called astaro - support forums here: www.astaro.org)

 

[/dev/null]

pfsense is not linux. I've been using it & it works pretty well.
I tried untangle & couldn't make heads or tails of it. I thought it was terrible.

 

[priley]

This for home or business use?

Astaro (or soon to be called UTM9) has a home edition of their gateway SW that supplies everything you would need but the home edition is limited to 50 IP's.

http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

(Called Sophos UTM since the company was purchased, but it used to be called astaro - support forums here: www.astaro.org)

This is for home use. Depending on how it turns out, might suggest it for the office however.
Have worked with Sophos a bit and have no complaints. I'll toss that up on the testing list as well. A limit of 50 IPs isn't going to hinder me a bit.

pfsense is not linux. I've been using it & it works pretty well.

My hopes is to have a system that I can manage completely by web clients. From the screenshots it seems that pfsense is this way?

 

[402blownstroker]

Untangled.

 

[ComputerBox34]

Untangled.

I don't like that you have to "buy" packages that give you the same functionality Astaro does for free.

 

[Jesse B]

pfsense (which is in turn based off monowall, so you may want to check that out) seems pretty popular. Setting up a pfsense rig myself.

 

[MrGuvernment]

you dont have to buy the packages, they have free variations, untangle is worth every penny as a UTM when compared to others.

pfsense sounds like your best bet.

 

[Danith]

I've been playing around with Zentyal in a VM, pretty neat and if my current router goes Im going to use that

 

[mwarps]

pfsense is based off of FreeBSD, just for reference.

smoothwall was cool a few years ago, but it seems like they've sorta died on the vine.

 

[nev_neo]

Been using pfsense for about 4 months now 24/7.. its been working like a champ !

 

[squishy]

As stated above, pfsense is not linux, but quite frankly it's the best open source utm/firewall/vpn server/router/holy crap this thing is awesome os in existence. Cisco 5505? pffft, I'll take vlan trunking and full featured utm for a dollar Alex.