
PFSense Project


Well, guess what: I don’t really have time to follow up on this one. I got most of the hardware, but then someone’s power supply went south, so I gave them the one from the box I was going to use. :) Ya, I’m a nice guy. So maybe in the near future I can continue this one.

:) )))))))))

Recently a friend of mine mentioned the pfSense firewall/router. Since I’m a security geek mainly implementing Cisco/Juniper, I figured that trying out pfSense at home might be a good idea.

I used to use m0n0wall/Smoothwall years ago and thought they were pretty good at what they did. Back then I didn’t have a lot of $$ to purchase hardware to make a dedicated box.

So here is my current setup and my new plan:

I currently have a Linksys RV042 load balancer with 2 WAN connections going into it. 1 is cable modem, the other is DSL. They are currently in a load-balanced situation, but I have all HTTP/HTTPS traffic going out 1 line, as there are issues with sticky connections (this router does not seem to support it). Now, I’m not really sure that I’m going to see a large increase in performance, but there are some great features that pfSense has to offer, including Snort IDS, Squid proxy, and captive portal. Now, I know these would have limited use for me at home, but depending on how this performs at home it may be a viable alternative for some of my customers.

My Internet speeds are pretty crappy, mainly ’cause I live in Canada and the choices of providers are slim. My providers are currently 3web (cable) and TekSavvy (DSL 5mb/800k).

my cable modem

dsl modem and router

It’s Saturday morning; here are the current speed tests from TekSavvy (http):

http://www.speedtest.net/result/777995659.png

The plan:

Using a spare box my friend is willing to give me: P4 dual core, 1Gb mem, x2 Intel NICs, x1 onboard. I will post exact specs when I get it. This will be a mini ATX board and case.

I will set up pfSense with the 2 WANs in a load-balanced scenario and use the on-board NIC for LAN connectivity.

I will try to gather some baseline tests from my current setup so that I have some things to compare.

Once I get the hardware I will update the post.
