Re: [on-asterisk] Survey: what are people's experience with various routers?
Hi Mike I trid Untangle last night. It suprise me how slow it is PIII600 with 512MB ram and it loads for ever. .. I know it looks so cool... But I need it works in the basement quite like a stone I think most case ppl set it up and forget forever unless it need upgrade. The requirement for untangle is ResourceUp to 50 Users Up to 100 UsersUp to 300 Users Intel/AMD-compatible Processor 800 MHz 1.2 GHz 1.6 GHz Memory 512 MB 1 GB 2 GB Hard Drive 20 GB 30 GB 40 GB Any way, just my 2 cents... I switched back to m0n0... Up running in 1 mins... I don't like to get another new machine for that... Alex On Wed, 30 Jan 2008 9:48:01 -0500 mike.ashton [EMAIL PROTECTED] wrote: Alex, Untangle looks intersting and it has commercial support available, will give it a try. Another one on my to test list is Endian ( http://www.endian.com/en/community/about/ ) it has a sip proxy module. I've installed a bunch of different routers, with varing levels of success. I tried pfSense and liked it, but for me the one lacking feature was running load balancing, traffic shaping and QOS at the same time. The developers are aware of this and have it on thier radar to get implemented but no ETA. Besides that it's a pretty solid product. I've also used the dual WAN Xincom, but they are too limited, support sucks. Some features not implemented well, like if one WAN goes down it switches over fine, but it doesn't recover when the link comes up, you have to manually bring it back up. Lately I've been using Shorewall, which is a great iptables tool, but is not the most intuitive tool. It is text config file based and not a complete set of documentation for it. But if you pick throught the docs and with a bit of trial and error you can implement almost anything you want that iptables is capable of supporting. Someone just needs to build a good GUI to manage it, so it is not something you would suggest to a client unless your going to support it. Mike -- Mike Ashton Quality Track Intl Ph: 647-722-2092 x 301 Cell: 416-527-4995 Fax: 416-352-6043 QTI CONFIDENTIAL AND PROPRIETARY INFORMATION The contents of this material are confidential and proprietary to Quality Track International, Inc. and may not be reproduced, disclosed, distributed or used without the express permission of an authorized representative of QTI. Use for any purpose or in any manner other than that expressly authorized is prohibited. If you have received this communication in error, please immediately delete it and all copies, and promptly notify the sender. - Original Message From: Alex Wang [EMAIL PROTECTED] To: Leif Madsen [EMAIL PROTECTED] Cc: asterisk@uc.org Subject: Re: [on-asterisk] Survey: what are people's experience with various routers? Date: 29/01/08 11:14 Anybody having problem with sonicwall Please check this out... http://www.untangle.com/index.php?option=com_contentamp;task=viewamp;id=344amp;Itemid=747 Untangle is the free amp; open source alternative to Sonicwall. In addition to the basics (Firewall, VPN, IPS amp; routing), Untangle makes it easier to block spam, spyware, viruses, phishing, porn, gambling, MySpace, Facebook, IM, peer-2-peer amp; much, much more. quot;Best Security Solutionquot; - LinuxWorld 2007 Runs at the gateway... No clients to install! Easy to use: Intuitive GUI, logging, reporting amp; automatic signature updates Installs on standard Intel/AMD hardware Lively forums amp; a great Wiki I used m0n0 and that's coming from the bannerI havn't try it but looks so good. Alex On Tue, 29 Jan 2008 11:04:01 -0500 quot;Leif Madsenquot; lt;[EMAIL PROTECTED]gt; wrote: gt; On Jan 29, 2008 8:31 AM, Jim Van Meggelen lt;[EMAIL PROTECTED]gt; wrote: gt; gt; Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of gt; gt; the best. Even many hardware products are based on it. gt; gt; gt; gt; If cost were no object, and you needed to buy a firewall (that of course had gt; gt; to do a good job with VoIP), what would be on your wish list? What would you gt; gt; avoid like a plague? (ask Leif about SonicWall) gt; gt; gt; gt; Any thoughts and opinions are most welcome. gt; gt; Oh don't get me started on Sonicwalls! gt; gt; (Seriously though... has anyone else had the nightmarish problems of gt; Sonicwall w/ VoIP, or is it just my inability to configure the bloody gt; thing correctly?) gt; gt; gt; A couple people mentioned pfSense, and I was running at home for quite gt; some time with good success. I've since switched out to DD-WRT on a gt; Linksys WRT54GL because I needed to setup a VPN connection that I gt; could route all my phones through (not just a single device) and it gt; has worked marvelously for that. gt; gt; Some people might be concerned about running
Re: [on-asterisk] Survey: what are people's experience with various routers?
Here's one more that looks interesting: ComixWall ISG firewall (http://www.comixwall.org). I use the underlying OS but have not tried this packaging. http://www.undeadly.org/cgi?action=articlesid=20080112215331 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Survey: what are people's experience with various routers?
I have been using SmoothWall for about two or so years now and SmoothWall Express 3 once it came out of Bata. The community is large and very helpful. While I have not used the commercial version it seems to be well support (going by the forum posts) There are many add-ons such as Advance Proxy http://www.advproxy.net/ OpenVPN, SIP Proxy and so on. http://www.smoothwall.org/ Open Source and http://www.smoothwall.net/ for commercial -- Anthony Boyington www.416solutions.com
Re: [on-asterisk] Survey: what are people's experience with various routers?
Alex, Untangle looks intersting and it has commercial support available, will give it a try. Another one on my to test list is Endian ( http://www.endian.com/en/community/about/ ) it has a sip proxy module. I've installed a bunch of different routers, with varing levels of success. I tried pfSense and liked it, but for me the one lacking feature was running load balancing, traffic shaping and QOS at the same time. The developers are aware of this and have it on thier radar to get implemented but no ETA. Besides that it's a pretty solid product. I've also used the dual WAN Xincom, but they are too limited, support sucks. Some features not implemented well, like if one WAN goes down it switches over fine, but it doesn't recover when the link comes up, you have to manually bring it back up. Lately I've been using Shorewall, which is a great iptables tool, but is not the most intuitive tool. It is text config file based and not a complete set of documentation for it. But if you pick throught the docs and with a bit of trial and error you can implement almost anything you want that iptables is capable of supporting. Someone just needs to build a good GUI to manage it, so it is not something you would suggest to a client unless your going to support it. Mike -- Mike Ashton Quality Track Intl Ph: 647-722-2092 x 301 Cell: 416-527-4995 Fax:416-352-6043 QTI CONFIDENTIAL AND PROPRIETARY INFORMATION The contents of this material are confidential and proprietary to Quality Track International, Inc. and may not be reproduced, disclosed, distributed or used without the express permission of an authorized representative of QTI. Use for any purpose or in any manner other than that expressly authorized is prohibited. If you have received this communication in error, please immediately delete it and all copies, and promptly notify the sender. - Original Message From: Alex Wang [EMAIL PROTECTED] To: Leif Madsen [EMAIL PROTECTED] Cc: asterisk@uc.org Subject: Re: [on-asterisk] Survey: what are people's experience with various routers? Date: 29/01/08 11:14 Anybody having problem with sonicwall Please check this out... http://www.untangle.com/index.php?option=com_contentamp;task=viewamp;id=344amp;Itemid=747 Untangle is the free amp; open source alternative to Sonicwall. In addition to the basics (Firewall, VPN, IPS amp; routing), Untangle makes it easier to block spam, spyware, viruses, phishing, porn, gambling, MySpace, Facebook, IM, peer-2-peer amp; much, much more. quot;Best Security Solutionquot; - LinuxWorld 2007 Runs at the gateway... No clients to install! Easy to use: Intuitive GUI, logging, reporting amp; automatic signature updates Installs on standard Intel/AMD hardware Lively forums amp; a great Wiki I used m0n0 and that's coming from the bannerI havn't try it but looks so good. Alex On Tue, 29 Jan 2008 11:04:01 -0500 quot;Leif Madsenquot; lt;[EMAIL PROTECTED]gt; wrote: gt; On Jan 29, 2008 8:31 AM, Jim Van Meggelen lt;[EMAIL PROTECTED]gt; wrote: gt; gt; Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of gt; gt; the best. Even many hardware products are based on it. gt; gt; gt; gt; If cost were no object, and you needed to buy a firewall (that of course had gt; gt; to do a good job with VoIP), what would be on your wish list? What would you gt; gt; avoid like a plague? (ask Leif about SonicWall) gt; gt; gt; gt; Any thoughts and opinions are most welcome. gt; gt; Oh don't get me started on Sonicwalls! gt; gt; (Seriously though... has anyone else had the nightmarish problems of gt; Sonicwall w/ VoIP, or is it just my inability to configure the bloody gt; thing correctly?) gt; gt; gt; A couple people mentioned pfSense, and I was running at home for quite gt; some time with good success. I've since switched out to DD-WRT on a gt; Linksys WRT54GL because I needed to setup a VPN connection that I gt; could route all my phones through (not just a single device) and it gt; has worked marvelously for that. gt; gt; Some people might be concerned about running an appliance with pfSense gt; and not having quot;someone to blamequot; though. We're all professionals here gt; and don't seem to really have that problem, but I'm curious what kinds gt; of commercial solutions you might use if you needed to recommend a gt; firewall to a customer who then had to manage it themselves? Having gt; pfSense interface to manage yourself is fine, but if something goes gt; really wrong... well... there isn't anyone to blame but the consultant gt; who recommended it :) gt; gt; For commercial, a lot of people seem to use Cisco's PIX for firewalls, gt; but that is probably on the opposite end of being customer manageable gt; (unless they've developed some web interface for it since I last used gt; one). gt; gt; At least those are my thoughts on the matter. gt; gt; -- gt; Leif Madsen. gt; http
Re: [on-asterisk] Survey: what are people's experience with various routers?
I've been using IPCop (http://www.ipcop.org) with success. It was initially based on Shorewall, and therefore iptables, but has progressively moved away from Shorewall code. The next major version will completely free it from Shorewall code. I'm also looking into pfSense Untangle. I'm looking at pfSense purely for the Dual-WAN feature which is why I'm also looking at Redwall ( http://www.redwall-firewall.com). On 1/30/08, mike.ashton [EMAIL PROTECTED] wrote: Alex, Untangle looks intersting and it has commercial support available, will give it a try. Another one on my to test list is Endian ( http://www.endian.com/en/community/about/ ) it has a sip proxy module. I've installed a bunch of different routers, with varing levels of success. I tried pfSense and liked it, but for me the one lacking feature was running load balancing, traffic shaping and QOS at the same time. The developers are aware of this and have it on thier radar to get implemented but no ETA. Besides that it's a pretty solid product. I've also used the dual WAN Xincom, but they are too limited, support sucks. Some features not implemented well, like if one WAN goes down it switches over fine, but it doesn't recover when the link comes up, you have to manually bring it back up. Lately I've been using Shorewall, which is a great iptables tool, but is not the most intuitive tool. It is text config file based and not a complete set of documentation for it. But if you pick throught the docs and with a bit of trial and error you can implement almost anything you want that iptables is capable of supporting. Someone just needs to build a good GUI to manage it, so it is not something you would suggest to a client unless your going to support it. Mike -- Mike Ashton Quality Track Intl Ph: 647-722-2092 x 301 Cell: 416-527-4995 Fax:416-352-6043 QTI CONFIDENTIAL AND PROPRIETARY INFORMATION The contents of this material are confidential and proprietary to Quality Track International, Inc. and may not be reproduced, disclosed, distributed or used without the express permission of an authorized representative of QTI. Use for any purpose or in any manner other than that expressly authorized is prohibited. If you have received this communication in error, please immediately delete it and all copies, and promptly notify the sender. - Original Message From: Alex Wang [EMAIL PROTECTED] To: Leif Madsen [EMAIL PROTECTED] Cc: asterisk@uc.org Subject: Re: [on-asterisk] Survey: what are people's experience with various routers? Date: 29/01/08 11:14 Anybody having problem with sonicwall Please check this out... http://www.untangle.com/index.php?option=com_contentamp;task=viewamp;id=344amp;Itemid=747http://www.untangle.com/index.php?option=com_contenttask=viewid=344Itemid=747 Untangle is the free amp; open source alternative to Sonicwall. In addition to the basics (Firewall, VPN, IPS amp; routing), Untangle makes it easier to block spam, spyware, viruses, phishing, porn, gambling, MySpace, Facebook, IM, peer-2-peer amp; much, much more. quot;Best Security Solutionquot; - LinuxWorld 2007 Runs at the gateway... No clients to install! Easy to use: Intuitive GUI, logging, reporting amp; automatic signature updates Installs on standard Intel/AMD hardware Lively forums amp; a great Wiki I used m0n0 and that's coming from the bannerI havn't try it but looks so good. Alex On Tue, 29 Jan 2008 11:04:01 -0500 quot;Leif Madsenquot; lt;[EMAIL PROTECTED]gt; wrote: gt; On Jan 29, 2008 8:31 AM, Jim Van Meggelen lt;[EMAIL PROTECTED]gt; wrote: gt; gt; Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of gt; gt; the best. Even many hardware products are based on it. gt; gt; gt; gt; If cost were no object, and you needed to buy a firewall (that of course had gt; gt; to do a good job with VoIP), what would be on your wish list? What would you gt; gt; avoid like a plague? (ask Leif about SonicWall) gt; gt; gt; gt; Any thoughts and opinions are most welcome. gt; gt; Oh don't get me started on Sonicwalls! gt; gt; (Seriously though... has anyone else had the nightmarish problems of gt; Sonicwall w/ VoIP, or is it just my inability to configure the bloody gt; thing correctly?) gt; gt; gt; A couple people mentioned pfSense, and I was running at home for quite gt; some time with good success. I've since switched out to DD-WRT on a gt; Linksys WRT54GL because I needed to setup a VPN connection that I gt; could route all my phones through (not just a single device) and it gt; has worked marvelously for that. gt; gt; Some people might be concerned about running an appliance with pfSense gt; and not having quot;someone to blamequot; though. We're all professionals here gt; and don't seem to really have that problem, but I'm curious what kinds gt
Re: [on-asterisk] Survey: what are people's experience with various routers?
On Jan 29, 2008 8:31 AM, Jim Van Meggelen [EMAIL PROTECTED] wrote: Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Oh don't get me started on Sonicwalls! (Seriously though... has anyone else had the nightmarish problems of Sonicwall w/ VoIP, or is it just my inability to configure the bloody thing correctly?) A couple people mentioned pfSense, and I was running at home for quite some time with good success. I've since switched out to DD-WRT on a Linksys WRT54GL because I needed to setup a VPN connection that I could route all my phones through (not just a single device) and it has worked marvelously for that. Some people might be concerned about running an appliance with pfSense and not having someone to blame though. We're all professionals here and don't seem to really have that problem, but I'm curious what kinds of commercial solutions you might use if you needed to recommend a firewall to a customer who then had to manage it themselves? Having pfSense interface to manage yourself is fine, but if something goes really wrong... well... there isn't anyone to blame but the consultant who recommended it :) For commercial, a lot of people seem to use Cisco's PIX for firewalls, but that is probably on the opposite end of being customer manageable (unless they've developed some web interface for it since I last used one). At least those are my thoughts on the matter. -- Leif Madsen. http://www.leifmadsen.com http://www.oreilly.com/catalog/asterisk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [on-asterisk] Survey: what are people's experience with various routers?
As Leif mention firewall, routers, etc. required a little bit more attention. In the event that you are providing a solution for commercial a off the shelve package is the way to go; however, it not just the firewall and port controls you require but also the firewalls ability to handle Quality of Service. When you also add wireless to the picture then the ball game starts to get a little hairy. The following article talks about quality service and using routers, and wireless mesh. http://www.moskaluk.com/voip_using_wireless_mesh_infrast.htm I hope this helps. Don Moskaluk www.moskaluk.com/papers.htm -Original Message- From: Leif Madsen [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 11:04 AM To: asterisk@uc.org Subject: Re: [on-asterisk] Survey: what are people's experience with various routers? On Jan 29, 2008 8:31 AM, Jim Van Meggelen [EMAIL PROTECTED] wrote: Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Oh don't get me started on Sonicwalls! (Seriously though... has anyone else had the nightmarish problems of Sonicwall w/ VoIP, or is it just my inability to configure the bloody thing correctly?) A couple people mentioned pfSense, and I was running at home for quite some time with good success. I've since switched out to DD-WRT on a Linksys WRT54GL because I needed to setup a VPN connection that I could route all my phones through (not just a single device) and it has worked marvelously for that. Some people might be concerned about running an appliance with pfSense and not having someone to blame though. We're all professionals here and don't seem to really have that problem, but I'm curious what kinds of commercial solutions you might use if you needed to recommend a firewall to a customer who then had to manage it themselves? Having pfSense interface to manage yourself is fine, but if something goes really wrong... well... there isn't anyone to blame but the consultant who recommended it :) For commercial, a lot of people seem to use Cisco's PIX for firewalls, but that is probably on the opposite end of being customer manageable (unless they've developed some web interface for it since I last used one). At least those are my thoughts on the matter. -- Leif Madsen. http://www.leifmadsen.com http://www.oreilly.com/catalog/asterisk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Survey: what are people's experience with various routers?
Anybody having problem with sonicwall Please check this out... http://www.untangle.com/index.php?option=com_contenttask=viewid=344Itemid=747 Untangle is the free open source alternative to Sonicwall. In addition to the basics (Firewall, VPN, IPS routing), Untangle makes it easier to block spam, spyware, viruses, phishing, porn, gambling, MySpace, Facebook, IM, peer-2-peer much, much more. Best Security Solution - LinuxWorld 2007 Runs at the gateway... No clients to install! Easy to use: Intuitive GUI, logging, reporting automatic signature updates Installs on standard Intel/AMD hardware Lively forums a great Wiki I used m0n0 and that's coming from the bannerI havn't try it but looks so good. Alex On Tue, 29 Jan 2008 11:04:01 -0500 Leif Madsen [EMAIL PROTECTED] wrote: On Jan 29, 2008 8:31 AM, Jim Van Meggelen [EMAIL PROTECTED] wrote: Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Oh don't get me started on Sonicwalls! (Seriously though... has anyone else had the nightmarish problems of Sonicwall w/ VoIP, or is it just my inability to configure the bloody thing correctly?) A couple people mentioned pfSense, and I was running at home for quite some time with good success. I've since switched out to DD-WRT on a Linksys WRT54GL because I needed to setup a VPN connection that I could route all my phones through (not just a single device) and it has worked marvelously for that. Some people might be concerned about running an appliance with pfSense and not having someone to blame though. We're all professionals here and don't seem to really have that problem, but I'm curious what kinds of commercial solutions you might use if you needed to recommend a firewall to a customer who then had to manage it themselves? Having pfSense interface to manage yourself is fine, but if something goes really wrong... well... there isn't anyone to blame but the consultant who recommended it :) For commercial, a lot of people seem to use Cisco's PIX for firewalls, but that is probably on the opposite end of being customer manageable (unless they've developed some web interface for it since I last used one). At least those are my thoughts on the matter. -- Leif Madsen. http://www.leifmadsen.com http://www.oreilly.com/catalog/asterisk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [on-asterisk] Survey: what are people's experience with various routers?
Hi Jim, I'm a BIG fan of pfSense, especially if you're running it on embedded style hardware (CF card instead of a disk, no moving parts). I can use SNMP to monitor it, it has the ability to run Snort right on the box, you can install ntop and darkstat to gather statistics, and it automatically generates RRD graphs of traffic, link quality, and system resources. A nice benefit for heavy environments is that it also does multi-WAN failover very easily. Alex Alex Robar, Technical Support, GearyTech Inc. 3075 Fourteenth Avenue, Unit 3, Markham, Ontario L3R 0G9 Markham: 905-513-8000 x 223 Fax: 905-513-8040 Toronto: 416-226-3614 Toll Free: 888-890-3499 [EMAIL PROTECTED] www.gearytech.com Strategic management of technology for business. -Original Message- From: Jim Van Meggelen [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 8:32 AM To: asterisk@uc.org Subject: [on-asterisk] Survey: what are people's experience with various routers? Folks, Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Regards, Jim -- Jim Van Meggelen Core Telecom Innovations [EMAIL PROTECTED] www.coretel.ca 416-425-6111 x6001 877-CORETEL x6001 (Canada) www.oreillynet.com/pub/au/2177 http://downloads.oreilly.com/books/9780596510480.pdf - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Survey: what are people's experience with various routers?
Hands down the best device that we have found so far for small offices (especially if the customer wants support) is the Juniper SSG5 http://www.juniper.net/products_and_services/firewall_slash_ipsec_vpn/ssg_5_slash_ssg_20/ There are many different models of the SSG5 including models that have serial backup WAN, integrated V.92 modem backup WAN, or ISDN backup WAN. There is a non-wireless and a wireless a/b/g model. For example: The SSG-SB which is the entry level model with serial backup and no wireless is around $599 The SSG-SB-W-US which is the entry level model with serial backup and 802.11a/b/g wireless is around $799 These aren't the cheapest routers on the block by any stretch of the imagination but they work well and the support is incredible. We have several large deployments of customers on hosted PBX that use them and they are rock solid. Regards, Bill - Original Message - From: Jim Van Meggelen [EMAIL PROTECTED] To: asterisk@uc.org Sent: Tuesday, January 29, 2008 8:31 AM Subject: [on-asterisk] Survey: what are people's experience with various routers? Folks, Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Regards, Jim -- Jim Van Meggelen Core Telecom Innovations [EMAIL PROTECTED] www.coretel.ca 416-425-6111 x6001 877-CORETEL x6001 (Canada) www.oreillynet.com/pub/au/2177 http://downloads.oreilly.com/books/9780596510480.pdf - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [on-asterisk] Survey: what are people's experience with various routers?
On Jan 29, 2008 11:04 AM, Leif Madsen [EMAIL PROTECTED] wrote: Some people might be concerned about running an appliance with pfSense and not having someone to blame though. For commercial applications, I hear Leif's concern about support. It's not exactly 'off the shelf' but the Pfsense team now offers commercial support. At least now you can pay a bit of money, support the developers and know that you're going to get some help when things go awry rather than just having to go to the forums, ask nicely and hope someone is able to help you out. DD
[on-asterisk] Survey: what are people's experience with various routers?
Folks, Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Regards, Jim -- Jim Van Meggelen Core Telecom Innovations [EMAIL PROTECTED] www.coretel.ca 416-425-6111 x6001 877-CORETEL x6001 (Canada) www.oreillynet.com/pub/au/2177 http://downloads.oreilly.com/books/9780596510480.pdf - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [on-asterisk] Survey: what are people's experience with various routers?
I'll second pfSense. Does Dual WANS too, allowing voip traffic on one, internet on other, fallover, load balancing, and adding Snort can add a whole level of filtering. D Dave Bour Desktop Solution Center 905.381.0077 X501 [EMAIL PROTECTED] For people who just want IT to work Business http://www.desktopsolutioncenter.ca Personal http://www.davebour.com -Original Message- From: Alex Robar [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 8:51 AM To: Jim Van Meggelen; asterisk@uc.org Subject: RE: [on-asterisk] Survey: what are people's experience with various routers? Hi Jim, I'm a BIG fan of pfSense, especially if you're running it on embedded style hardware (CF card instead of a disk, no moving parts). I can use SNMP to monitor it, it has the ability to run Snort right on the box, you can install ntop and darkstat to gather statistics, and it automatically generates RRD graphs of traffic, link quality, and system resources. A nice benefit for heavy environments is that it also does multi-WAN failover very easily. Alex Alex Robar, Technical Support, GearyTech Inc. 3075 Fourteenth Avenue, Unit 3, Markham, Ontario L3R 0G9 Markham: 905-513-8000 x 223 Fax: 905-513-8040 Toronto: 416-226-3614Toll Free: 888-890-3499 [EMAIL PROTECTED] www.gearytech.com Strategic management of technology for business. -Original Message- From: Jim Van Meggelen [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 8:32 AM To: asterisk@uc.org Subject: [on-asterisk] Survey: what are people's experience with various routers? Folks, Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Regards, Jim -- Jim Van Meggelen Core Telecom Innovations [EMAIL PROTECTED] www.coretel.ca 416-425-6111 x6001 877-CORETEL x6001 (Canada) www.oreillynet.com/pub/au/2177 http://downloads.oreilly.com/books/9780596510480.pdf - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [on-asterisk] Survey: what are people's experience with various routers?
Personally I went back to m0n0wall because I had too much difficulty with the traffic shaper and the queue graphs in pfSense. I have never been able to find adequate documentation about the dual target in/out that gets created and it's real ramifications. Also, having two internal interfaces it doesn't handle the Status/Queues very well and duplicates them for both interfaces and also appears extremely slow/not responsive which doesn't provide a great comfort level. I have tried this on Wrap on PC class boxen but it's still too slow from a management/admin standpoint. I agree that PIX is not customer friendly. At one of my customer sites their (reasonably) experienced admin has had some challenges with them. If anyone has some better explanations regarding the dual target rules in pfSense, please pass it on as otherwise I tend to like it. - dbc. -Original Message- From: Leif Madsen [mailto:[EMAIL PROTECTED] Sent: January-29-08 11:04 AM To: asterisk@uc.org Subject: Re: [on-asterisk] Survey: what are people's experience with various routers? On Jan 29, 2008 8:31 AM, Jim Van Meggelen [EMAIL PROTECTED] wrote: Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Oh don't get me started on Sonicwalls! (Seriously though... has anyone else had the nightmarish problems of Sonicwall w/ VoIP, or is it just my inability to configure the bloody thing correctly?) A couple people mentioned pfSense, and I was running at home for quite some time with good success. I've since switched out to DD-WRT on a Linksys WRT54GL because I needed to setup a VPN connection that I could route all my phones through (not just a single device) and it has worked marvelously for that. Some people might be concerned about running an appliance with pfSense and not having someone to blame though. We're all professionals here and don't seem to really have that problem, but I'm curious what kinds of commercial solutions you might use if you needed to recommend a firewall to a customer who then had to manage it themselves? Having pfSense interface to manage yourself is fine, but if something goes really wrong... well... there isn't anyone to blame but the consultant who recommended it :) For commercial, a lot of people seem to use Cisco's PIX for firewalls, but that is probably on the opposite end of being customer manageable (unless they've developed some web interface for it since I last used one). At least those are my thoughts on the matter. -- Leif Madsen. http://www.leifmadsen.com http://www.oreilly.com/catalog/asterisk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [on-asterisk] Survey: what are people's experience with various routers?
Thanks to all for the feedback. Jim Jim Van Meggelen wrote: Folks, Lately it seems that the GNU/Linux firewall, iptables, is emerging as one of the best. Even many hardware products are based on it. If cost were no object, and you needed to buy a firewall (that of course had to do a good job with VoIP), what would be on your wish list? What would you avoid like a plague? (ask Leif about SonicWall) Any thoughts and opinions are most welcome. Regards, Jim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]