Devin Reade <[EMAIL PROTECTED]> writes: > I have a need to deploy a number of router/firewalls to remote sites > where having an "appliance" with no moving parts is desirable, so I > was thinking about using Soekris boxes for the purpose. > > The planned configuration is not uncommon: > net5501-70 > OpenBSD installed on a CF card, with read-only filesystems > an internal modem for dialup ppp (probably the USR Performance Pro) > an external modem for dial-in console access (separate phone line) > dynamic IP on the upstream side > static IPs on the internal network > IPSec between each remote site and a central data center (but not > between remote sites) > _maybe_ a caching DNS server for the internal network > _maybe_ a DHCP server for the internal network > > Network traffic over the IPSec tunnels is expected to be very light. > > Question: Does anyone have a feel for whether or not I'm going to > need a crypto card for doing IPSec in this configuration?
I am running IPSec on the net4801 without crypto hardware and it handles a little over 1Mbps on a 2Mbps ADSL using FreeBSD 6.2. -- Christian Laursen _______________________________________________ Soekris-tech mailing list [email protected] http://lists.soekris.com/mailman/listinfo/soekris-tech
