[ale] Custom or Pfsense
Michael H. Warfield
mhw at WittsEnd.com
Fri May 9 15:04:50 EDT 2008
On Fri, 2008-05-09 at 14:33 -0400, Brandon Colbert wrote:
> All,
> I am building the VPN network for my company. I am trying to figure
> out if I should use Pfsense or build my own off: CentOS5, iptables,
> OpenVPN, VLANs, and etc. I do like the option of adding whatever
> application I need.
> Pfsense will be a faster deployment!
Ok... Pfsense is the FreeBSD / pf filter based firewall. What kind of
VPN are you going to use, then? IPsec based?
I don't quite see where Pfsense would be any faster to deploy than say
a CentOS system with IPSec.
At one time, OpenVPN use to be able to claim it was simpler to deploy
than IPSec but IPSec has gotten vastly easier, with certificates and
keys, and OpenVPN has gotten significantly more complicated (try making
heads or tails or those scripts for pushing routes and addresses).
IPSec certainly makes a lot of sense. All of that, Pfsense, CentOS,
Fedora, FreeBSD, OpenBSD, etc, etc, etc, should all interoperate and be
relatively simple to deploy. Now, FreeBSD vs Linux and pf filter vs
iptable, that may be more to what your taste is. Pfsense may have some
fancy deployment tools that may make it better than CentOS or Fedora or
monowall. Why do YOU feel it will be faster?
> ?
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20080509/5322fc70/attachment.bin
More information about the Ale
mailing list