Longshot Posted February 9, 2011 Share Posted February 9, 2011 Hi im looking for a preferably free (or very Cheap :blush: ) Linux based proxy server alternative to Forefront TMG. So needs at least Firewall, web proxying and web publishing capabilities for approx. 200+ PC?s Needs to accommodate 4 separate network address ranges via VLANS plus a separate external internet connection. I have a very limited Linux knowledge so something easy to setup and maintain with a good GUI would be a bonus. Any recommendations would be greatly received. Many thanks in advance, Longshot. Link to comment Share on other sites More sharing options...
+BudMan MVC Posted February 9, 2011 MVC Share Posted February 9, 2011 There are plenty of FREE linux distros for exactly this sort of thing. Pfsense would be my first choice, but then there is IPcop, SmoothWall, m0noWall, even Clarkconnect (now ClearOS) which can be used in free mode depending on what features you want. All of the those suggested disto's require little or even no linux exp, they all use a webgui to admin.. So if you can follow simple instructions to get it installed to your machine -- ie boot A CD ;) Pretty much all config/admin is from then on done via the webgui. Only question is your web publishing statement?? Do you want to host websites right on this box? Sure that can be done, or are you looking at like reverse proxy setup? But sure they all use squid as their proxy/content filtering -- which can do reverse proxy, etc. As to support of 200+ machines -- comes down to the hardware aspect of it.. I would not run say 200 users on a p3 with 800mhz or something.. But you will be surprised at how much little horse power you can get by with. pfsense has some sizing recommendation, and so does squid, etc. http://www.pfsense.org/index.php?option=com_content&task=view&id=52&Itemid=49 Sizing is going to come down more to your inet pipe and being able to fully utilize it other than number of users. Link to comment Share on other sites More sharing options...
Longshot Posted February 10, 2011 Author Share Posted February 10, 2011 There are plenty of FREE linux distros for exactly this sort of thing. Pfsense would be my first choice, but then there is IPcop, SmoothWall, m0noWall, even Clarkconnect (now ClearOS) which can be used in free mode depending on what features you want. All of the those suggested disto's require little or even no linux exp, they all use a webgui to admin.. So if you can follow simple instructions to get it installed to your machine -- ie boot A CD ;) Pretty much all config/admin is from then on done via the webgui. Only question is your web publishing statement?? Do you want to host websites right on this box? Sure that can be done, or are you looking at like reverse proxy setup? But sure they all use squid as their proxy/content filtering -- which can do reverse proxy, etc. As to support of 200+ machines -- comes down to the hardware aspect of it.. I would not run say 200 users on a p3 with 800mhz or something.. But you will be surprised at how much little horse power you can get by with. pfsense has some sizing recommendation, and so does squid, etc. http://www.pfsense.org/index.php?option=com_content&task=view&id=52&Itemid=49 Sizing is going to come down more to your inet pipe and being able to fully utilize it other than number of users. Hi Budman, Thank you for your reply. Sorry i wasn’t very clear about web publishing, the actual websites will be on a different server. So yes I am looking at Reverse proxy. I will take a look at your recommendations and in particular PFsense, that had come up as had some of the others you listed during my research. But obviously its best to get some recommendations from someone with experience of the software. Does PFsense work well with VLANS? So again thank you very much for your input. Longshot. Link to comment Share on other sites More sharing options...
+BudMan MVC Posted February 10, 2011 MVC Share Posted February 10, 2011 I have been using pfsense for quite some time, changed over from ipcop a few years back. Currently using the 2.0 beta line - but ran stable 1.x versions for a couple of years never any issues. I currently do not use vlans - but yeah yes it has full vlan support. Are you looking to put 4 different nics into the box and putting them each on their own vlan - or a vlan switch before the pfsense box? But you can put in as many nics as you have slots for on your pfsense box. And then sure use pfsense as your firewall between each vlan. these links should help http://doc.pfsense.org/index.php/HOWTO_setup_vlans_with_pfSense http://doc.pfsense.org/index.php/VLAN_Trunking Link to comment Share on other sites More sharing options...
Recommended Posts