linux router/firewall/gateway recommendation wanted

I currently connect to the net from my PC which has a directly connected USB modem, This machine is also configured to run a firewall and to be the ICS master (running XP SP2) the other machines on my lan (currently 3) have the first one defined as their gateway and router. This all works at the moment.

I want to reduce the load on my PC by shifting the internet handling onto a seperate machine, I have several older ones laying about and I figured that I would load one of the linux distros designed specifically for the job.

The problem I have is that there are several and I don't know which one to choose, I'm an experienced unix/linux sysadm and one of the other machine on the lan is a redhat 9 server, if that helps.

so far I've found:

http://www.devil-linux.org/
http://www.ipcop.org/
http://leaf.sourceforge.net/

and I know there are others. My top priority is security as getting through the firewall would open up my entire lan, then stability and then ease of use. I must be able to VPN from my XP PC to client sites.

The spare machines are pretty low spec, P1 or P2, etc. about 4 years old. so some idea of realistic hardware requirements would also be useful.
LVL 19
Nick UpsonPrincipal Operations EngineerAsked:
Who is Participating?
 
bmquintasCommented:
I have smoothwall www.smoothwall.org running in my small office with DHCP and DNS for 12 machines.
It's a P1 - 133Mhz with 64Mb SDRAM.
0
 
mburdickCommented:
You can use pretty much anything you like. I run SuSE at my home with the Shorewall firewall installed. The machine acts as a DHCP server, DNS server, cacheing transparent proxy server, file server, SSH server, web server, and a content filtering mail server.

My box is a 450 with 224MB RAM, and I don't see any performance problems with it.
0
 
mburdickCommented:
If you're looking for something with a small footprint, I have also used FrazierWall in the past. It runs from a floppy, and mine used to run on a PI 100 with 32MB RAM and dual NIC's.
0
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

 
Gabriel OrozcoSolution ArchitectCommented:
I would try the better p2 you have, with at least 64MB RAM, in order to install squid in transparent mode. this way, you would have a much better use of your bandwidth and will feel web surfing much faster.

all the recommendations daved to you are good. even ipcop has good reviews. for vpn access you should not have problems, unless it is IPSec, where you may need NAT Transversal enabled on your client in order to have it working without problems.

my 0.02
Gabriel
0
 
Nick UpsonPrincipal Operations EngineerAuthor Commented:
As I'm familiar with RH9, which would be the easiest for me to use.
0
 
Nick UpsonPrincipal Operations EngineerAuthor Commented:
or would I do better with a windows based solution?
0
 
Gabriel OrozcoSolution ArchitectCommented:
I think for estability the linux solution is far better =)

but please do not go after redhat9, but instead use fedora core 3 at least, since rh9 is not supported anymore (there are support options but everyday are less and less)
0
 
mburdickCommented:
A Windows-based solution without commercial firewall software on top of it is going to have more holes than all the cheese in Switzerland. Plus, it's going to require a more powerful machine because Windows has high requirements itself.

I agree with Redimido - RH9 was a decent distro, but RedHat threw it to the curb and it simply isn't supported any more.

Fedora Core is popular, and there are a lot of support forums out there.

As I mentioned earlier, I use SuSE, and I like it.
0
 
bmquintasCommented:
I'll stick with the mburdick on that, beside Fedora, also Mandrake (sorry.. Mandriva now!), and Suse have great support by lots of forums.
0
 
Nick UpsonPrincipal Operations EngineerAuthor Commented:
I'm really looking for a quick, download - install and go solution, I only mentioned RH9 because that's what my local server is running. The only real recommendation so far is for smoothwall, how secure is it? are the others I found no good?
0
 
Gabriel OrozcoSolution ArchitectCommented:
I would go after smootwall in such case =)

it is very secure.

ipcop has also good comments
0
 
dribulottaCommented:
I’m using a Pentium mmx 266Mhz, 128Mb ram, hd 4 Gb with RH9 acting as a router, firewall with iptables, CHCP server, VPN pptpd server and Squid proxy with no Xwindows to reduce cpu time and is working really good, peak cpu is 65%, no problems in 16 months, this machine serves 9 pc running windows xp and 3 linux boxes and my internet connection is T1.
You can download RH9 from www.linusiso.org

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.