Penny Arcade Forums Games and Technology Moe's Stupid Technology Tavern
As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options

Replacing a firewall...

GrimReaperGrimReaper Registered User regular
edited April 2008 in Moe's Stupid Technology Tavern
So, at work my boss and others are wanting to work from home and a few other things. Our current firewall doesn't have VPN capability. (unless we pay £££ for an update/license)

The current firewall is from GTA, it essentially is a pc in a custom rackmount case with freebsd and some nice configuration utils etc. (see here for a demo config)

I'm mulling over what to do, here's as I see it my options.

Go with GTA or another commercial firewall vendor and pay quite a bit of money.. OR buy a rackmount case and server mobo, a bunch of low profile server nics and stick something like IPCop on it or brave it with openbsd.

The extra NICs are for a dmz for the webserver and a planned ftp server.

Does anyone have experience with doing something like this? Replacing their works firewall with something like IPCop?

PSN | Steam
---
I've got a spare copy of Portal, if anyone wants it message me.
GrimReaper on

Posts

  • Options
    SporkAndrewSporkAndrew Registered User, ClubPA regular
    edited April 2008
    At my last workplace we had everything behind an Endian firewall running on a Fedora Core server we had spare. It's hugely robust and best of all free, and the configuration and documentation is brilliant.

    SporkAndrew on
    The one about the fucking space hairdresser and the cowboy. He's got a tinfoil pal and a pedal bin
  • Options
    GrimReaperGrimReaper Registered User regular
    edited April 2008
    SporkAndrew wrote: »
    At my last workplace we had everything behind an Endian firewall running on a Fedora Core server we had spare. It's hugely robust and best of all free, and the configuration and documentation is brilliant.

    I wish there was a firewall distro that had the flexibility of ipcop, endian etc that used openbsd as its base. I don't like the prospect of having to configure openbsd from the ground up. (even if all I want to do is check it out, although I did have a quick play around of openbsd in vmware a while back)

    Curious, I just had a look at Endian and it's based on IPCop. What are the differences? (also queued it up to download, gonna install it in a virtual machine anyway)

    GrimReaper on
    PSN | Steam
    ---
    I've got a spare copy of Portal, if anyone wants it message me.
  • Options
    sinnsinn Registered User regular
    edited April 2008
    If you do decide to go the Vendor route, look into getting a Firebox from WatchGuard.

    I run the Firebox X Core X1250e here and it is a fantastic device. VPN, Firewall, HTTP Proxy, AV/AS.

    sinn on
    He who controls the past controls the future. He who controls the present controls the past.
  • Options
    SporkAndrewSporkAndrew Registered User, ClubPA regular
    edited April 2008
    GrimReaper wrote: »
    Curious, I just had a look at Endian and it's based on IPCop. What are the differences? (also queued it up to download, gonna install it in a virtual machine anyway)

    As far as I can tell Endian is just IPCop++ really. The endian guys took the base code and just made it a whole bunch easier to use and added useful things like greylisting, etc.

    SporkAndrew on
    The one about the fucking space hairdresser and the cowboy. He's got a tinfoil pal and a pedal bin
Sign In or Register to comment.
Penny Arcade Forums Games and Technology Moe's Stupid Technology Tavern