Please recommend a simple and reliable small business firewall for Trixbox CE.
I have 4 sites with business dsl connections and VoIP 5 phones at each location. Data usage is low. Will most likely setup site to site VPN with NAT.
I'm considering a SonicWall TZ 180 but want to run it by someone with personal experience with Trixbox.
Thanks in advance.
Try Dlink with Gig ports set QOS
I'm not a big fan of Sonicwall
If you want to spend more you can buy Cisco ASA 5505
As many have noted, pfSense is a great solution and very sip friendly. You can use it for tunneling all sites together. It does have a bit of a learning curve, but with basic networking knowledge and some doc's, it isn't hard to figure out. Myself and many others are convinced it is the best solution at a great price for smaller installs.
http://www.netgate.com/product_info.php?products_id=651
Although I haven't used the box above (I have only used multi-nic pc's so far) it has received praise as being a good, small, and affordable hardware choice.
I would have to agree -- pfSense is the way to go. I have it installed at 16 locations and it is bullet-proof. You never have to reboot it and it will practically run forever.
I usually buy a cheap DELL -- small Optiplex -- put in an additional network card.
I am using version 1.2.3 RC2
Need help let me know - Yahoo jason.derr
JD
Here is a very cheap router.... very fast router !
http://www.recoupit.com/Desktops/Dell/Optiplex-GX260/Dell-Optiple...
Install second NIC -- install pfSense 1.2.3 RC2
pfSense does Traffic Shaping -- has an awesome nat forwarding field of options -- does failover with multiple internet connections -- logs your connection quality and internet usage for a year !
JD
Jason, how is the reliability (hardware failures) on those boxes? Thats the only downside I'd assume, next to power consumption.
If you are worried about hardware failure get a new dell t100 when they are on sale for around $300. I have been using the low end dell servers for years ( 400sc on up to t100 ) for various linux based installs of firewalls and even trixbox and have nothing but good thinsg to say about them. I have 6 400sc servers that are several years old and 5 of them have never had any hardware problems.
@hkgonra
No doubt, I have the t100 spec'd out for my next trixbox install. I just think it is a little over kill for a firewall. Especially when they have appliances that run pfSense, work great for small/medium installs, and sip the electricity. I have just been burned so many times by re-purposing older equipment. Sure I do it at home, but after a few burns, I rarely risk it with companies anymore.
We use pfSense quite frequently for pbx installs and highly recommend it.
I'm now considering the pfSense appliance hoping its easier to config/manage then the PC version. I'm currently running Untangle on a PC - and am seeking a different router because phones in my remote site continually go into an idle state/offline and do not work again until i move each ext to a different port on the Untangle router. Then they come back online, until the next time out. I believe ports are going idle, thus i'm looking for a router appliance that will keep the ports active constantly.
I was also looking at low-end FortiGate routers - any advantage to going that route vs psSense appliance?
I'm told pfSense has a steep learning curve. I'm a novice with routers - would you guys say support and documentation is enough for someone that understands routing conceptually but doesn't have hands on experiece, yet?
Thanks in advance,
Seth
I wouldn't say pfSense has a steep learning curve...
I recommend sticking with pfSense 1.2 and not going with Release Candidates for now, and this way you can use the hundreds of tutorials around. I also use nothing but pfSense for VPN and trixbox installs, I personally rarely resort to old PCs, I prefer low-power embedded platforms, like Soekris or Alix boards.
Is there any advantage to using a low end FortiGate VS this pfSense appliance?
http://www.netgate.com/product_info.php?products_id=651
I'm hearing a-lot recommendations for pfSence with Trixbox and VPNs. Are there any other recommendations for inexpensive reliable routers?
I use the formerly Secure Computing (Now Mcafee) SG300 and SG560 firewalls. They are great and dependable, low power consumption, SIP proxy built in, and commercial support is available.
If you are going to use Pfsense, they just released a book. Check it out.
http://blog.pfsense.org/?p=509
Hey.. hydro_seth your remote extensions would work better if you change the phones to a registration period to 60 seconds.. it is a state issue most likely on the remote side. We see this all the time on phones connecting to our hosted trix.
I have seen -- zero failures on my pfSense units -- well not yet anyhow.
I am using pfSense 1.2.3 RC2
JD
pfsense is a fork of m0n0wall. Both are highly dependable, but m0n0 has less bells and whistles. Typically my m0n0 uptime is the time since the last power failure, sometimes months. The learning curve is a lot less steeper than for trixbox, it's almost a fit-and- forget type deal.
That's my choice, in that order. I hear many of our buyers like Smoothwall, very friendly, nice GUI.
But pfsense still tops!
Member Since:
2009-11-04