:: Re: [DNG] What are you using for a …
Inizio della pagina
Delete this message
Reply to this message
Autore: Kenn Thyrsted
Data:  
To: dng
Oggetto: Re: [DNG] What are you using for a firewall/router
On 2024-04-30 00:45, o1bigtenor via Dng wrote:
> What do you use for your internet access?

At first there was Internet via Cable, where a Cisco2501 with fw
features would suffice.
As speeds were increasing, i was happy with IpCop for some time.
Then i got 60Mbit by fiber.
I kept my Cable, thus i needed a firewall capable of using two ISPs
Enter pfSense.
I was very happy with pfSense - until "they" decided that an update
could remove functionality . That was it for me.
I ditched Cable, and went for an Ubiquiti ERL3 which used only 10% of
the power of my pfSense.
I would not use the GUI as i didn't know what exactly was done, CMD was
the way.
My semi-paranoid setup is more laborious than complicated, but the ERL3
did the job. Though i don't like the VyOS-thingy.
The internal USB in the ERL3 gave up, and Ubiquiti doesn't provide the
possibillity for download of a new sw-image.

Now, what ?!?
Somehow every Linux firewall distro had plead their allegiance to "The
most safe, effective, and secure firwall with cutting edge
systemd-software at the core of the secutity and reliability"....
Remarkable, if you think of it.

Enter OpnSense - a nice, familiar experience :-)
But when running on PC-hw rather powerhungry.
-Not OpnSense's fault, i know, and as we know; excessive powerdraw in
the firewalldepartment will end the world prematurely.

My attempts on running it on a (very capable) laptop, revealed that *BSD
had some "shortcomings" when using a USB-NIC.

Luckily OpenWRT runs on ERL3 using a compatible USB2-stick.
Lots of config, once again - but it seemes that the ERL3/OpenWRT can
"get the job done" @300Mbit internet and 37vlans interconnecting at
Gigaspeed.

As i'm fed up with fw-config every time some fw-hw-thingy breaks down, i
am pondering having one or two configured fw's ready to swap-in.

/Kenn