[LUAU] Which Linux VPN Solution?
Jim Thompson
jim at netgate.com
Thu Sep 29 23:02:24 PDT 2005
On Sep 29, 2005, at 5:12 PM, Michael Bishop wrote:
> In regards to m0n0wall, at home I use it as my firewall/router/DHCP/
> DNS/traffic shaper for a VoIP phone (provided by a local company,
> not from RR). It's never given me any trouble and I don't worry
> about it at all. It works well on an old PC or for a more compact
> solution on an embedded system and you can even add wireless to it.
> Its about $200 for a 3 NIC board with case; more if you want to add
> wireless card, antenna(s), etc. You can also stick it in a weather
> proof case and stick it on your roof.
>
> I'm starting to evaluate it as a VPN for my clients particularly as
> an office to home and office to office VPNs. I'll post my findings
> to the list in case anyone is interested.
>
> Netgate, which Jim owns and operates, sells a Soekris box with
> m0n0wall installed and tested. There seems to be the recent
> addition of a indoor enclosure where you can add your own Soekris
> board and wireless, very nice.
>
> http://www.netgate.com/index.php?
> cPath=60&osCsid=897f0733985faa46f6afd6671ec60635
>
> I am not affiliated with Netgate. I just think Jim is an awesome
> guy and I like to support local companies.
Thanks Michael. I try to keep it 'non-commercial' on these types of
lists. I too run m0n0wall in a couple locations, and have found it
to be highly
stable.
One minor correction, we don't sell a Soekris box. We do sell an
"everything but the board(s)" kit for the Soekris 4x26 boards. (Its
a mil-spec indoor case.)
http://www.netgate.com/product_info.php?cPath=24_67&products_id=196
and just the case by itself (And yes, its "Mil-Spec", its in use at
almost every US Air Force base, world-wide.):
http://www.netgate.com/product_info.php?cPath=24_67&products_id=269
We also sell a pre-configured m0n0wall setup, based on the PC Engines
WRAP series:
http://www.netgate.com/product_info.php?products_id=209
You might want to look here: http://www.tomsnetworking.com/
Reviews-162-ProdID-MONOWALL2-6.php
for some analysis on IPSEC throughput using these boards.
If you've got a cast-off P3 box, its fairly trivial to give it a pair
of PCI NICs and run m0n0wall from an ISO image. This will result in
higher throughput for the IPSEC side of things.
The other way to improve performance would be to stick an encryption
accelerator in one of the on-board miniPCI sockets. Soekris sells one
that is plug-n-play with m0n0wall: http://www.soekris.com/vpn1401.htm
Jim
More information about the LUAU
mailing list