Date: Tue, 04 Mar 2008 22:03:56 -0500 From: Michael Proto <mike@jellydonut.org> To: Aaron Siegel <aj@siegel-tech.net> Cc: freebsd-embedded@freebsd.org Subject: Re: Building my first gateway firewall with wireless support Message-ID: <47CE0D9C.4090902@jellydonut.org> In-Reply-To: <200803031807.53588.aj@siegel-tech.net> References: <200803031807.53588.aj@siegel-tech.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Aaron Siegel wrote: > Hello > > My almost ten year old pc that has been running 24/7 as a firewall gateway is > about to die. (Of course it is running Freebsd) I would like to build a > embedded gateway, DNS server, with DDNS client, wireless access point, > IPSEC , and firewall. > > I appreciate some guidance, some helpfull links, or maybe share some of your > experiences. I hobbyist not a developer. I do not expect this to be easy. > > My dream access point would have two interfaces one protect by IPSEC vpn and > an unsecured (just a cheap linksys device connected to the LAN). The big > question how much processor power will I need to support one to ten clients? > > The LAN will support a couple of desktops, and maybe a toy server (backup mail > server). > > I am looking at Soekris 48xx and if needed the vpn board.. As of now I like to > stick with x86 platform. Any other suggestions? > > Thank You > Aaron > _______________________________________________ > freebsd-embedded@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-embedded > To unsubscribe, send any mail to "freebsd-embedded-unsubscribe@freebsd.org" I'm currently using 6.3-RELEASE on a PCEngines ALIX board, http://pcengines.ch/alix2c1.htm. Its currently configured as a DSL gateway and wifi access point with a minipci Atheros 802.11b/g card installed, with WPA2-Enterprise, QoS, vlan, DHCP, DNS, stateful filtering and NAT (pf), snmp, and a few other services. I'm using my own roll of FreeBSD but there are projects like m0n0wall, http://m0n0.ch/wall/, and pfsense, http://pfsense.org/, that put it all together for you and bundle it with a full-featured web interface. If you're looking to roll your own, there are some great starter sites at http://neon1.net/misc/minibsd.html and http://www.ultradesic.com/index.php?section=125. The Soekris 48xx should work just as well, if a little slower (I had a 4501 before getting my ALIX in the same setup). The soekris-tech mailing list has several BSD and Linux users and the community support is helpful. On an even more powerful side, you could get an embedded VIA Eden system like http://e-itx.com/jetway-j7f4k1g2e-mini-itx-motherboard.html with on-chip accelerated IPSEC support via the padlock(4) module. In any case they are all great systems, fanless, totally quiet, and extremely power-friendly. I hope those links are good enough to get you started. Good luck! -Proto
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47CE0D9C.4090902>