On 11/23/07, Johnny Stork <[EMAIL PROTECTED]> wrote: > I have a client that is planning to install/use the pfsense firewall on > a smal mini itx system they setup with dual NICs. I am currently > downloading the live cd to check it out but I am a bit concerned since I > never heard of it, the current release appears to be in beta and I am > wondering about the apparently small user base. I have run/evaluated > many firewalls such as ClarkConnect, Smoothwall, Ipcop, Shoreline, > Astaro etc (my favorite is Astaro), so does anyone have any suggestions, > experiences/feedback with pfsense etc? > > Beyond the basic requirements of any firewall for DMZ, NAT, IDS etc, > they absolutely need to have a reliable VPN to connect 2 identically > configured miniitx machines running the software, between Canada and Europe.
pf is solid. It is widely used. For anecdotal evidence (the "best" kind... ha!) The UofA has several pf boxes running with CARP, and has no problems at all. You can go in and start yanking network cables and nobody will notice. I'm not sure they use pfsense though, more likely just OpenBSD. If you're worried about reliability, worry about your NICs, not pf. pfsense is mainly dealing with the configuration of pf, which is not likely to affect the reliability of the box any more than if you hand-configured pf yourself. -Mark C. _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
