Ah, IPSEC tunnels. I used to play with some Linux and BSD based firewalls, but ended up sticking with Cisco ASA's for when we need a VPN (like between Puryear and our colo).
Regardless of what you pick, it's nice to be able to forget you even have a VPN up. --- Puryear IT, LLC - Baton Rouge, LA - http://www.puryear-it.com/ Active Directory Integration : Web & Enterprise Single Sign-On Identity and Access Management : Linux/UNIX technologies Download our free ebook "Best Practices for Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of worms Sent: Tuesday, January 05, 2010 4:42 PM To: [email protected] Subject: Re: [brlug-general] PfSense I'm running PfSense 1.2.2 at work and at home. I have several IPSec tunnels setup between pfsense boxes and SonicWall NSA and TZ series devices. The IPSEC tunnels have been flawless. Edmund Cramp wrote: > I'm running 1.2.3-RELEASE which has been stable with no problems or unexpected behaviors since it came out in December. I have it installed at work on an old 400MHz Celeron - WAN, LAN and DMZ plus the Squid package at work. We're only on a 1.5Mbps cable connection with a mail, ftp and web server DMZ, plus a few users on the LAN so it's not very busy - the PfSense graphs suggest the CPU is about 4-5% busy during the day. > > I have another copy running on an ALIX board with Wifi support at home via PPPoE/DSL - I'd played with several different firewalls early last year and PfSense has definitely been the easiest to work with so far. There's a book about it too so the documentation is better than average. > > We don't use IPSEC or VPNs but their forum is pretty active and what I've seen suggests that your performance levels ought to be no problem with more modern hardware. > > Regards, > Edmund Cramp - [email protected] > Motion Lab Systems, Inc. - http://www.motion-labs.com > 15045 Old Hammond Highway, Baton Rouge, LA 70816 USA > Tel: 1.225.272.7364 (Central Time Zone, GMT-6) > Fax: 1.225.272.7336 > > > > | -----Original Message----- > | From: [email protected] > | [mailto:[email protected]] On Behalf Of Keith Stokes > | Sent: Monday, January 04, 2010 11:57 AM > | To: [email protected] > | Subject: Re: [brlug-general] Ping - Search for intelligent life > | > | I've used PfSense for years in several locations. I haven't > | loaded up the newest version 2 yet but a friend has. > | > | Any idea of your performance level? Capable of keeping up > | with 1 GB throughput, or even close? Any idea about > | throughput on IPSEC VPNs? > | > | On Jan 4, 2010, at 10:29 AM, Edmund Cramp wrote: > | > | > It's been quiet here recently - much quieter since Dustin played > | > whack-a-mole with some discussion a while back ... Maybe we're all > | > busy trying to make a living in the current economic climate? > | > > | > Update - I've been plying with the latest PfSense firewall > | build (OK > | > so it's more BSDish than Linuxish) and it's quite a nice > | snappy little > | > firewall that makes building rules almost fun ... Can that > | be so bad? > | > http://www.pfsense.org > | > > | > Regards > | > Edmund Cramp > | > -- > | > There are only two industries that refer to their customers as > | > 'users'. > | > - Edward Tufte > > > _______________________________________________ > General mailing list > [email protected] > http://mail.brlug.net/mailman/listinfo/general_brlug.net > _______________________________________________ General mailing list [email protected] http://mail.brlug.net/mailman/listinfo/general_brlug.net _______________________________________________ General mailing list [email protected] http://mail.brlug.net/mailman/listinfo/general_brlug.net
