Recent content by mtganzer

Nicely described, though I Would change 1st option to: If you use VPN and/or want an IDPS (i.e Snort or Suricatta)

A couple nits. First, pfSense is built on FreeBSD, and you can install any of the available FreeBSD packages. But yes it's FreeBSD not Linux. But also if you are advocating running firewall + file server + app cache + whatever on a single OS instance, I have to ask WHY? Management and...

...or pfSense, OPNsense, etc. BTW I have not set up a BARE Linux box as a router/firewall since...oh...probably 2000! Unless you are (or want to be) a wizard with raw iptables, best to find a distribution that has simple router/firewall front end (anyone remember Mandrake Single Network...

Having just set up a pfSense firewall (retirement project for the home office/home network), I happened to notice that the hpHosts list they use in their testing is one of the feeds that I set up the pfBlockerNG plugin to use. I also set up pfSense to forward DNS queries to Quad9 after passing...

Yes, but those power consumption numbers...yikes! Re the rest of this thread, I give you this thought, which I find useful in network engineering as well other parts of life: “The enemy of a good plan is the dream of a perfect plan.” - Carl von Clausewitz

Late to the party here as I have been on vacation.... My understanding is that both Ubiquiti and VyOS were forked from the Vyatta "Community" code base before Brocade took it closed-source, so the AT&T acquisition should not have any affect.

Looks like the "Platform + free apps" still have OpenVPN server. The comparison between the tiers is shown at this page. Looks like an interesting alternative to pfSense Edit: Show stopper for me is no DHCPv6-PD support for IPv6 WAN connection.

If all you need is to see why the VPN is disconnecting, rsyslog with filters to separate by device (Ubuntu does this by default) is just fine. You can easily extract what you need with basic Unix tools along with some standard log parsing tools like like logwatch/fwlogwatch. Logstash, NLS and...

The problem with Splunk pricing is it is based on volume of log data you collect - 1GB/day costs $5K (+ annual maintenance) and up from there. NLS is priced per instance ($2K for single instance, unlimited log volume). I agree Splunk can do a lot IF you have someone that knows how to set up...

Or you can download the free version of Nagios Log Server, which is based on the ELK stack. The free version will only log 500 Mb per day, but I doubt most of our home networks generate that much data. We switched from Splunk to this at work (Splunk was horribly expensive for the volume we...

Managed to get it, and the image is definitely not been updated since 2013. I didn't have time to put it on a Pi, but looking at the release notes, it doesn't look like anything you could not already download for free as tarballs from VMware.

I can't get a download for it, but per the web page seems like it may not have been updated for a while (since ESXi 5.1?). I have to admit I don't do a lot of CLI management of my home server (mainly just spinning up or tearing down test VM's), so I just use SSH port forwarding for ESXi...

Yup my Ooma Telo is only 100Mbps, so non-starter for me to put inline. Looks like all they are doing is providing a DNS Blackhole service, which you can get by subscribing to OpenDNS, or do yourself by setting up your own DNS Blacklist using PiHole.

Our reps said exactly that. The SAN fabric market is pretty much all OEM'd to storage vendors like EMC, and Broadcom wanted into that space. The network side competes with their OEM networking customerss, hence the desire to spin that off. We are a pretty-decent size Brocade network product...

The Brocade networking business is not just Ruckus, it is the entire pre-merger Foundry Networks line. Basically Broadcom wanted the SAN storage fabric portion of the company, and is willing to jettison the rest so they are not competing with their customers (the ones they provide merchant...