[K12OSN] OT: Firewall solution suggestion
Barry Cisna
cisna-barry at wc235.k12.il.us
Mon Jan 17 12:19:08 UTC 2011
pfSense is in fact a 'rolled into one' pf part of FreeBSD. It is simply
an out of the box , turnkey solution to pf.
Pop the iso in(or usb stick install) and you are done in 15 minutes,then
a reboot to do your configuration. FeeBSD has native support for most
vpn encryption cards as well ,which is nice if you need vpn site to site
support. We do three site to site vpns for our setting.
There is nothing 'lacking' in this piece from what I can see. RRD
graphs, a real time throughput view, states, routes view,NAT that
automagically adds wan rules as you add a nat rule for example, can add
packages such as squid,squidGuard,havp,and so on from the webui.
The 3 machines that are running only have 500mb of ram running
squid,squidGurad,lightsquid,havp just for an example.
It's always a kind of challenge to put together your own ideas into some
things but with all of the tls and ssh stuff for vpn's it isn't worth
the time for me to try and 'roll your own' on this kind of stuff.
The screenshots on pfSense are in fact made with a freeware called
"Simpleviewer" a look alike to flash slide show type thing,along with
Picasa,as a base.
http://simpleviewer.net/simpleviewer/
BC
More information about the K12OSN
mailing list