It can also be used to throttle down bandwidth eating services like online video. QOS is essential for running VOIP and other mission-critical applications. It is however usable despite some potential complicated setups. The QOS is very configurable, but still not quite a user friendly as other platforms. Untangle also now support firewall bypassing for high-availability applications, and supports a form of QOS (Quality of service). Some types of traffic will require custom configurations, but so far I haven’t found any sort of traffic that Untangle has problems with. I am happy to say that Untangle now fully supports multi-protocol traffic like VOIP or Ipsec. When we started using Untangle, it was not designed to handle advanced protocols including some VPN services, and multi-protocol traffic like VOIP (Voice over IP) phone services. If you have used cisco, sonicwall or other VPN services, this will be a breath of fresh air in administration and setup.
It makes VPN administration and setup a breeze.
#UNTANGLE FIREWALL WIKI SOFTWARE#
Open VPN is much simpler than any VPN software I have used on either the client or host side. The VPN also supports site-to-site VPN allowing 2 or more offices to virtually share the same network no matter their distance from each-other.
#UNTANGLE FIREWALL WIKI INSTALL#
VPN users are sent a custom key and connection for them to install on their computer. It is extremely easy to add, suspend and remove VPN users. There is no limit other than that of your hardware for the number of VPN users your appliance can support. Something I didn’t discus in my last article was the VPN. They work well for what they’re designed to do, but they are not designed for this.Ĭurrent hardware recommendations are as follows: Embedded processors like Atoms, or VIA’s are not a good match for a firewall, even through they are designed to fit in compact sized enclosures. If you do decide to build a Untangle or other firewall appliance, keep this in mind. The faster the processors, the better a firewall appliance will perform. Unlike most human related computer activities, packet inspection and other firewall activities are very processor intensive. Additionally for any datacenter usage, you don’t need to worry about sound, so a more robust server could probably be setup for the same cost. If you have the budget and usage to require it, you could put this on a dual quad-CPU server and put 32Gb or more ram on it. This is still a low-end server, but is silent and would work well for a moderate sized office. Don’t use a desktop Ethernet card in a server like this and expect good performance, you need a quality 3com, Intel or other enterprise quality card. A quality single port Ethernet card would run around $75.
The $1000 tag on this server with 6 Ethernet ports is still a bargain. If you need more ports, a quality 4 port PCI-E Ethernet card runs about $350. This would be comparable to a $3000+ Sonicwall or similar appliance and would be significantly more quiet. Processor – Intel Core 2 Duo E7500: ~$105 Refurbished or used could result in a 30% – 50% reduction in price). I would like to revisit the untangle appliance as it has undergone numerous improvements, and in my opinion is now a fully capable replacement for an off-the-shelf firewall appliance.įor a solid, and completely silent firewall for a business environment, here’s my current recommendation (Prices are for new components. Since then, Untangle has come a long way. A few years ago I blogged about using the Untangle firewall to replace a Sonicwall or similar firewall appliance.