[AusNOG] Gateway Router firewall
Alex Samad
alex at samad.com.au
Wed Jan 11 12:54:13 EST 2017
Can I suggest routerOS
http://forum.mikrotik.com/
Roughly $50 for a virtual vm license..
A
On 11 January 2017 at 12:45, Cory Hawkless <Cory at hawkless.id.au> wrote:
> I've used the BGP functionality on pfSense via the OpenBGPD package and it
> works well. I found it a little quirky when you override the default
> configuration then go back and make changes in the 'Wizard' section, but
> getting CLI access to the box and opening the config files soon shows you
> exactly what's going on.
>
>
> -----Original Message-----
> From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Glenn
> Hocking
> Sent: Wednesday, 11 January 2017 9:59 AM
> To: ausnog at lists.ausnog.net
> Subject: Re: [AusNOG] Gateway Router firewall
>
> Thanks for all the responses regarding gateway router/firewall software. I
> investigated them all :-)
>
> For my situation I am going to try out pfSense, it seems to have come a
> long way since I last tried it. It seems to do everything I need, plus the
> CARP redundancy looks great! My hand rolled perl scripts to achieve gateway
> device failover do cause me some anguish.
>
> I currently use or have played with many of the packages listed but the
> following pfSense features URL does state that 'Packages: Some are in beta
> stage'. The primary package that I will need under pfSense is the OpenBGPD.
> I currently use Quagga bgpd.
>
> Does anyone have any comments of current pfSense additional package use?
> such as what to use, what to steer clear from? Should I install only what
> is needed or its resilient and packages can be easily installed, played
> with and removed without issues even in a production environment. I do test
> obviously first, but test environments are never conclusive.
>
> https://doc.pfsense.org/index.php/Features_List
>
> The end result of this is to have reliable gateways that other engineers
> can also manage ad hoc and for me to be able to sleep peacefully at night.
> I'll post me results of this exercise if other wish.
>
> Cheers
>
> Glenn Hocking | Managing Director
> Woosaw Pty Ltd | www.woosaw.com.au
> Sydney Office: +612 8090 3441 | Mobile: 0420 942 641 PO Box 391 │ Pyrmont
> NSW 2009 | Australia
>
> On 10/01/2017 11:55 AM, Glenn Hocking wrote:
> > Hi All
> >
> > For many years been using hand rolled router/firewall boxes for my
> > hosting network gateways. Time for an upgrade but still want the
> > flexibility of Linux based systems. Just wondering what others like in
> > this area and recommend as assume there should be some good hardened
> preconfigured systems available now. Prefer open source Linux and free.
> >
> > What I currently use is,
> >
> > OS: Debian Linux
> > BGP: quagga
> > Firewall: iptables
> > Load balancing and HA: ipvsadm + perl
> > Monitoring: ipt_netflow + nfsen
> >
> > Cheers
> >
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170111/709f26be/attachment.html>
More information about the AusNOG
mailing list