according to what this guy writes, http://rockpenguin.wordpress.com/2008/02/23/installing-pfsense-on-the-alix2c... such thing as a firewall based on Alix platform requires at least few days of work for a guy on a salary with nothing else to do :) If you start counting the cost of worktime to have it up and running, probably any off-the-shelf firewall would be much more affordable. Or even a Cisco 8XX router, whatever current SoHo series they have :)
----- Original Message ---- From: Rainer Duffner rainer@ultra-secure.de To: swinog@swinog.ch Sent: Wednesday, March 5, 2008 3:39:54 PM Subject: Re: [swinog] VDSL/Zyxel P2802 HWL not 'strong' enough for a small company LAN?
Manuel Krummenacher schrieb:
I personally would buy an Alix board from pcengines.ch (costs about CHF 150 with 3 LAN interfaces), install pfSense on it, switch the Zyxel to bridge mode and be happy. ;-) With the Alix, you would also gain extra benefits like complex packet filter rules, traffic shaping, traffic graphs etc. (see pfsense.com for full feature list).
Seconded. I've got a previous-generation WRAP board with pfSense (just upgraded to the recently released 1.2). It should be noted that pfSense also does IPSEC and OpenVPN "SSL-VPN" and a host of other things. I'm not sure how much bandwidth the Alix-boards can shuffle, but my WRAP is supposed to max out somewhere in the 30MBit range. You can also install it on an old PC and temporary replace the Zyxel, to get some idea about the current traffic pattern.
Rainer
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
On Wed, March 5, 2008 9:45 pm, Stanislav Sinyagin wrote:
according to what this guy writes, http://rockpenguin.wordpress.com/2008/02/23/installing-pfsense-on-the-ali x2c1/ such thing as a firewall based on Alix platform requires at least few days of work for a guy on a salary with nothing else to do :) If you start counting the cost of worktime to have it up and running, probably any off-the-shelf firewall would be much more affordable. Or even a Cisco 8XX router, whatever current SoHo series they have :)
I get your point. You have to do some work to get it running, but its far away from days. If you don't need serial access, you can skip the part with the baud-rate configuration. The interfaces can be assigned from the web interface. (And you don't have to unmount the CF card as stated in the article, because dd doesn't need it mounted.) I get an ALIX up and running in about an hour incl. (simple) configuration.
And at least you get a nice enclosure. There's no cool company logo on it, but it doesn't look like homemade.
By the way, if you want a "turn-key" solution, you can buy it assembled and installed:
http://shop.a-enterprise.ch/product_info.php?manufacturers_id=12&product...
However, there is a downside: You get no support for the entire product. If the hardware fails and the boards are sold out, you probably have to wait rather long. (But at this price, I always have a board in reserve.)
Regards, Manuel