dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
2826
xow
join:2014-09-06

xow

Member

DIY firewall/router from old PC (with any *nix)

This particular PC is a used Pentium 4 with 1GB RAM. I use a paid VPN service called CyberGhostVPN and want the connection to be always on instead of having to log out and in every time my computer goes to sleep (which I know can be avoided by changing power settings (I'd rather not do that)) or when I have to reboot it. I also want it so I can get one VPN connection to serve multiple devices (which I already asked about).

The connection is OpenVPN and I think the encryption is 256 with, like, 4096 "hand shakes" or something. Sorry I'm very new to internet security, despite me wanting to do this for years. My bandwidth is 20 - 25 down and 3 - 6 up (in Mbps). However, depending on the server I use, my bandwidth can be increased to as much as 107Mbps down or decreased to as low as 2Mbps down.

I basically want to turn the old PC I mentioned into a *nix router/firewall using either a setup like this:

(Devices) >> (wireless nic of PC) >> (Ethernet nic of PC) >> (modem/router, provided by Comcast) >> (connection to internet via coaxial cable).

or a setup like this:

(Devices) >> (standard commercial wireless router) >> (Ethernet nic #1 of PC)>> (ethernet nic #2 of PC)>> (modem router, provided by comcast)>> connection to internet via coaxial cable.

Again, I've wanted to do this for quite some time, but it always seems too complicated for me. If anyone has any suggestions, as far as my setup goes, which OS I pick, or ANYTHING else at all. Please do leave a reply.

Thanks for reading!!
HarryH3
Premium Member
join:2005-02-21

HarryH3

Premium Member

It's quite likely that your ancient P4 system draws way more power than your newer system. It would cost you less to just leave your newer system on when not in use than to leave the P4 running 24/7.

Another option would be to use a router that can be an OpenVPN end point. Newer ASUS models have decent VPN services out of the box and can be easily made even more robust by installing Merlin custom firmware.
applerule
Premium Member
join:2012-12-23
Northeast TN
(Software) pfSense
ARRIS SB6183
Asus RT-N66

1 recommendation

applerule to xow

Premium Member

to xow
I use pfSense for my router, and it will connect to an OpenVPN connection. pfSense will do a site-to-site VPN with OpenVPN; however, I do not use mine in this manner.

You can read more about pfSense Site-To-Site OpenVPN here: »doc.pfsense.org/index.ph ··· _To_Site

I would agree with HarryH3 you will most likely have more success by using a newer wireless router and a custom firmware. If your current router is older, it may be able to run DD-WRT. Certain "flavors" of DD-WRT can act as an OpenVPN client.

Here's dd-wrt if you want to look into flashing an older router with it: »www.dd-wrt.com/site/index Just a heads up, you can brick your router if you screw it up. There are other custom router firmwares out there as well.

In the long run, it will most likely be more cost effective to use a wireless router (new or old), instead of keeping a power hungry P4 running for this purpose. Unless you are looking at doing anything beyond basic wireless and acting as an OpenVPN client, the correct wireless router would suit your needs well in my opinion.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

1 recommendation

NOYB

Premium Member


Ditto on pfSense.

Take it for a test drive. Since you already have the PC it's "free".

I've been using pfSense for several years now on an old Dell Inspiron 5100 (P4) connected to a smart switch (VLAN support for WAN and LAN with single NIC).
HELLFIRE
MVM
join:2009-11-25

1 recommendation

HELLFIRE to xow

MVM

to xow
quote:
I've wanted to do this for quite some time, but it always seems too complicated for me.
Learning outside your comfort zone's always good and admirable.

Personally, I'd DEFINATELY use your old PC for two reasons : 1) it's not in use, 2) the hardware
is available at 'no cost.' No specific recommendations for *nix firewall / router distros, but
before putting this into play, I'd run it as any other PC on your home network, just so if you plan
and mess something up, it doesn't take down your whole network. Once you get it working, THEN you
can set this system up as you diagrammed out.

I also think an idiot box (read:home router) with an alt firmware with OpenVPN is another option,
if you so feel and have the funds to spare.

My 00000010bits

Regards
bennor
Premium Member
join:2006-07-22
New Haven, CT

1 recommendation

bennor to xow

Premium Member

to xow
Another+1 for PFSense. Used it for years with an ancient PC primarily for OpenVPN into a business I used to work for. Once setup and configured it worked great. Make sure to have two (or more) networking ports on the PC though. Had two old 10/100 PCI networking cards laying around as spares that I used when setting up the software on this PC.

Drunkula
Premium Member
join:2000-06-12
Denton, TX

1 recommendation

Drunkula to xow

Premium Member

to xow
I used pfSense for a while. Also used m0n0wall. I liked them both.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB to bennor

Premium Member

to bennor
Only 1 NIC is necessary if connected to a VLAN capable switch (smart or managed switch). That is what I do. The NIC is connected to a smart switch with the LAN being the default / "physical" and WAN being a VLAN.