Solved

Smoothwall, ClarkConnect or home rolled firewall/proxy/VPN server ?

Posted on 2008-06-18
7
552 Views
Last Modified: 2013-11-15
OK, as per thread title I am curious about your thoughts on Smoothwall v ClarkConnect.

At present we run a Smoothwall Corporate 3 server, primarily as a combined firewall and VPN server for 20 remote workers and one site-to-site link. It's a long time past its sell-by date, so I need to replace it.

I've been playing around with a Ubuntu Linux based-home rolled counterpart and I am happy with it to the point where I'd be prepared to roll it out - currently it can handle the firewall side of things with aplomb, the VPN tunnels and it can also do proxy/content filtering/logging and other nonsense.

Ordinarily I'd rather have a separate proxy/content filter in a box sitting behind the firewall, but in this case that won't be an option.

Trouble is, whatever solution I put in place I need to know that whoever follows along behind me can pick it up.

That leads me back to a commercially available GUI driven product a la Smoothwall or ClarkConnect - most of the lower end security appliances won't be as cost effective if we take the VPN tunnel requirements into account.

So, thoughts on the comparative merits or possible alternatives would be appreciated.
0
Comment
Question by:Copyleft
  • 3
  • 3
7 Comments
 
LVL 19

Accepted Solution

by:
bevhost earned 300 total points
ID: 21811304
It's been a really long time since I evaluated these, but at the time I decided to stick with SME Server from contibs.org,  which has a lot more features and doesn't require any licenses.
If by VPN you mean PPTP remote access rather than LAN to LAN IPSEC style then SME server is nice and easy to set up.  It will also operate as the email server and file server with public/private access controls for it's 'Information Bays'.  
See
http://wiki.contribs.org/SME_Server:Documentation:User_Manual:Chapter1#VPN_Access
0
 

Author Comment

by:Copyleft
ID: 21811315
Thanks for the input.

I should have explained that we are using L2TP/IPSEC, hence I went for a Ubuntu/DansGuardian/OpenSwan solution to play with.

Our site to site and remote worker tunnels are all L2TP/IPSEC and I don't want to change that.

I will take a closer look at SME Server - I played with an earlier version some time ago and was not too keen back then, but now...
0
 
LVL 19

Expert Comment

by:bevhost
ID: 21811419
Doesn't sound SME server is for you.
What is your motivation for wanting to change ?
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 

Author Comment

by:Copyleft
ID: 21811471
Smoothwall Corporate 3 is years old now and, although still capable in its own right, I'd like to implement proxy and content control, and inline AV scanning. Possibly even mail relay.

I'm happy enought o go to the latest Smoothwall 2008 (a jump of several versions) but the interface is different and network and other vital system settings are not directly available for export/import during an upgrade.

I figure if I have to start manually configuring a whole lot of stuff on a brand new box I should really look at which product it makes more sense to tinker with.

Smoothwall is currently a very strong contender with the additional modules to run the functions I'd like to have, but I'm open to alternatives.
0
 
LVL 10

Assisted Solution

by:Casey Herman
Casey Herman earned 200 total points
ID: 21811719
I have been pleased with CC. I have been running it for about 2 years and it is very stable.  Very maintenance free.  Using it for DNS, antivirus, and file storage at home.  Has a lot of features a good gui for non techies.

Casey
0
 

Author Closing Comment

by:Copyleft
ID: 31468262
Split the points according to how useful the comments were
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22068470
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASA 5520 problem with Failover in Active/Standby 8 132
SSL VPN 3 48
VPN Tunnel Stops Working Cisco RV130W 18 54
auto connect vpn 17 59
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question