In the market for a new router

[Pwnd2Pwnr]

OK... so I have a broke router and a 2wire... both DSL (Can't get cable modems in my apartment due to contracts or some bs like that).

What would you guys recommend for a configurable, open source, home router with a few bells and whistles that would be compatible with Ubuntu 12.04, and has nice security features?

Have a happy Thanks Giving!

[yield]

A good old PC with a flash card.

You could then install :

- PFSense

- M0n0Wall

- IPCop <- Not sure if still exist...

- Linux with iptables.

- Tomato

What I did in my case, I purchasses a Soekris device. They have plenty of differents devices. You can check here : http://soekris.com

I personally run PFSense. It's based on a BSD, same as m0n0wall.

[Radau]

You could build a PfSense firewall and get a free Meraki access point by going to a webinar and signing up with a "business email" ( I used my clans email;p). Combine it with PfSense, tweak it a bit and you have a beast firewall and AP. If you're interested, I'd get it before Cisco finishes buying them: http://www.meraki.com/freeap

[murder_face]

You could build a PfSense firewall and get a free Meraki access point by going to a webinar and signing up with a "business email" ( I used my clans email;p). Combine it with PfSense, tweak it a bit and you have a beast firewall and AP. If you're interested, I'd get it before Cisco finishes buying them: http://www.meraki.com/freeap

Have you tried flashing your meraki AP yet? I have been searching around for a way to install Jasaeger and all of the information is from 2009-10. My AP is on a UPS track on its way to me and I kind of want to be able to hit the ground running when it shows up...

[Matt Lestock]

You could build a PfSense firewall and get a free Meraki access point by going to a webinar and signing up with a "business email" ( I used my clans email;p). Combine it with PfSense, tweak it a bit and you have a beast firewall and AP. If you're interested, I'd get it before Cisco finishes buying them: http://www.meraki.com/freeap

This is exactly what I've done, I used to have a Netgear WNDR3000 that I installed DD-WRT on. And while it worked, it was flaky with the wireless at times. Requiring a reboot or a wait it out method before the wireless signal would come back. Finally I got fed up enough to convert an old 3.0gHz Dell Optiplex SFF that I had laying around into a PFSense box. It was by far the best decision I've made for the internal network at my house in a while.

This is the connection quality from the PFSense box - http://www.speedtest.net/result/2413062881.png

Instead of using a built in wireless card in the PFSense machine and opting to make that the Orange interface I opted for the free Meraki MR12 from the webinar like you. So far it's been absolutely rock solid. You're not going to be able to install things like Jasager on it, but for a stable access point, it really can't be beat and the feature set is pretty impressive as well.

[telot]

Sweet! my m12 is on its way right now - I'm so glad to hear that its worked out well for you Matt (also, welcome back!?).

Also, are you in kansas city? Where in this country can you get speeds like that?

telot

[madhak]

Sorry to bump this tread but anyone here know about ClearOS? I've been using it for a while and it work fantastic, maybe not as customizable as PFSense but it run traight out the box. but how secure is it, because it receive comunity update, is this really a good thing? to me it sound like a possible backdoor altho it passed all security audit I tried on, what do you think?

PS: MR series AP from Meraki rock, got my hand on a few MR66 and my wifi setup went from nightmare stuff to dream! The MX security applicance are pretty good to.

[silver-moonshine]

my mk12 should be with me in a week or 2 XD , really cant wait :D

[Matt Lestock]

Sorry to bump this tread but anyone here know about ClearOS? I've been using it for a while and it work fantastic, maybe not as customizable as PFSense but it run traight out the box. but how secure is it, because it receive comunity update, is this really a good thing? to me it sound like a possible backdoor altho it passed all security audit I tried on, what do you think?

PS: MR series AP from Meraki rock, got my hand on a few MR66 and my wifi setup went from nightmare stuff to dream! The MX security applicance are pretty good to.

Madhak, I myself run PFsense because I've encountered it before. But thanks for reminding me about ClearOS, it's something I've wanted to check out but have never gotten around to. There are other systems out there like Vyatta and even smoothwall which is another fork of monowall.

As far as why I chose PFsense, I really just wanted a lightweight system that could provide great uptime, reliability, and speed.

For my home use, the ClearOS software has a lot of modules and addons that I just wouldn't need. That being said, the communities behind these products are often just as important as the software itself. PFsense is less frequently updated than ClearOS probably but that's because it has a pretty specific purpose out of the box. So if you have a great community there's near limitless things that you can do with the solution.

The one thing I really quite like about ClearOS from what I can see is it's a low technical entry into the small / medium businesses that don't have the money, technical knowledge, or ability to deploy cisco or juniper like solutions but want some of the advanced features that those deployments offer. The app marketplace provides an extremely low entry point in getting advanced features for free or a small subscription fee. Again, that could be a big seller to certain individuals and companies.

As far as security, ClearOS just like PFsense is an open source solution. Which means there is a governing body who must approve all changes to the code before a package gets released to the public. Now if you're pulling code and files directly from SVN, and depending on what their SVN publishing settings are defined as, there's always a possibility that someone could have tried to hide some code somewhere that gives you backdoor access, but to be honest with you I've only really ever heard of 1 or 2 backdoors making it into an actual release package on sourceforge. So you should be ok.

Again, those are my thoughts on the matter, feel free to take them all with some salt ;)

Matt

Edited January 10, 2013 by Matt Lestock