Want to buy a VPN Firewall for home/test lab

[fusi0n]

I have been looking at firewalls to purchase to mess around with. I had a monowall but that computer died. I don't want to spend a lot of money, but I want something that is going to let me VPN and open ports. I don't want to use a home router just simply because..

I have found a Fortinet 50B for around $150, these where made in 2007.. I am not sure if it would be a good idea to buy a firewall that doesn't get firmware updates anymore..

I am leaning more towards this one,

http://www.amazon.com/ZyXEL-Internet-Security-Firewall-Dual-WAN/dp/B0042WCFI2/ref=pd_cp_e_0

Not real sure with that brand but it has a lot of good reviews.. However, you have to buy the VPN client software to VPN in.

I have also looked a bunch of different Sonicwalls but I heard do not buy a used one because if it has been registered before on mysonicwall you won't be able to use it

I am also considering this one,

http://www.newegg.com/Product/Product.aspx?Item=N82E16833122380

If I had to buy one, I would go with the Fortinet but I don't know if it good to buy a older firewall..

Feel free to add any suggestions..

[fusi0n]

Would it be crazy to add pfsense in a hyper v in a 2012 server I use. Just use that for my firewall routing and vpn

[Praetor]

just buy a cheap ass juniper or a draytek.

[+BudMan MVC]

I run pfsense in VM on esxi - works like a champ, I vpn in pretty much every day from work.

[The_Observer]

never heard of using a virtual firewall. Looking at a pfsense setup, will look at using my hyper v server.

[sc302 Veteran]

Yeah budman has been using this for quite a bit.

[Klownicle]

Why buy when all you need is a tiny linux box and something like smoothwall. :) All Free. Smoothwall may be dated in a sense of its current release, but the developer community for mods is still very active. Last release I think was late 2011.

[CloudEngineer]

i've become partial to using untangled with some clients lately... has it's little annoyances but all in all a pretty powerful and easy to use setup

[fusi0n]

I bought a Watchguard X700 and Installed pFSense onto it.

Here is my setup,

[+BudMan MVC]

Running it as VM has loads of advantages, one less equipment - means less power consumption as well ;) Two since I run development code of pfsense, I just take a snapshot before I do an update if something doesn't work in the update or fails, click back to my stable setup. This advantage would be there if not running development as well for when you update, but I update every few days to a couple of weeks whenever I see a new snapshot from pfsense that makes sense to go too or its been a few weeks. Currently there is issue with renewing your IPv6 address, so been updating every few days hoping for a fix, etc. It is not renewing, so you have to turn it off and grab a new one - which changes the PD your getting, so annoying when your IP range keeps changing, etc.

Three - since its VM, I can swap out any firewall distro I want very quickly never having to touch a wire. And if I setup the same mac on the different VM, I don't even have to reboot my modem, and maintain my public IP as the same, etc. So I can try out smoothwall if I want, untangle, or m0nowall, etc. etc. Or drop back to stable 2.0.2 version of pfsense if need to test something for someone, etc.

Unless your setup required too much horse power at your router/gateway for VM to make sense I don't think I will ever go back to a dedicated box for my gateway.

[fusi0n]

Running it as VM has loads of advantages, one less equipment - means less power consumption as well ;) Two since I run development code of pfsense, I just take a snapshot before I do an update if something doesn't work in the update or fails, click back to my stable setup. This advantage would be there if not running development as well for when you update, but I update every few days to a couple of weeks whenever I see a new snapshot from pfsense that makes sense to go too or its been a few weeks. Currently there is issue with renewing your IPv6 address, so been updating every few days hoping for a fix, etc. It is not renewing, so you have to turn it off and grab a new one - which changes the PD your getting, so annoying when your IP range keeps changing, etc.

Three - since its VM, I can swap out any firewall distro I want very quickly never having to touch a wire. And if I setup the same mac on the different VM, I don't even have to reboot my modem, and maintain my public IP as the same, etc. So I can try out smoothwall if I want, untangle, or m0nowall, etc. etc. Or drop back to stable 2.0.2 version of pfsense if need to test something for someone, etc.

Unless your setup required too much horse power at your router/gateway for VM to make sense I don't think I will ever go back to a dedicated box for my gateway.

yeah, I had it running on a VM and I loved it, but I had to get rid of my ESXi host for my house.. too Loud.. lol I need to get a rack and put it my basement

[+BudMan MVC]

I just use a little HP N40L - very very quiet, it currently about 3 feet from me and don't hear a thing.

[fusi0n]

I just use a little HP N40L - very very quiet, it currently about 3 feet from me and don't hear a thing.

What all are you running from it?

[+BudMan MVC]

My pfsense, my file server vm my linux play box this runs 24/7/365 and then all my other play vms when I need to play with something, 2k8 box, 2k12, centos, win7 boxes, win8 vm, ntop I can fire up if want to look at traffic, freebsd, etc. etc.. Couple different copies of pfsense.

Its got 8 gb of ram - which is enough to run a few vms at once. I found out later you can bump up to 16 even though specs list 8 as max - which I might do at some point, its got 4 nics in it currently. With 4 drives, the 250GB it came with as datastore for the vms, and then 3 other disks a 2TB and 2 x 750GB for my file server - which I gave raw access to the vm and get like 50 to 70MBps file transfer off of. More than enough to play my media off of etc..

I could add 2 more disk if need be, just not in the bays. And its got esata so could add a 7th, and then usb so you could add more drives that way if you needed too. I got it on sale for like $269, plus the extra memory and nics -- you just can not beat it for a home esxi setup.

[fusi0n]

Thanks for the reply man. I will put it on my wish list and wait for it to go on sale.

[+BudMan MVC]

I think the new model is the N54L - same box really, I show it currently at newegg for $339

http://www.newegg.com/Product/Product.aspx?Item=N82E16859107921

Which is not a bad price..